112 matches found
PT-2022-24028 · Npm +2 · @Xmldom/Xmldom +2
Name of the Vulnerable Software and Affected Versions: @xmldom/xmldom versions prior to 0.8.3 Description: A prototype pollution vulnerability exists in the function copy in dom.js via the p variable. This issue is disputed by the vendor and some third parties, with attempts to create a proof of...
PT-2022-22499 · Unknown +4 · Advancecomp +4
Name of the Vulnerable Software and Affected Versions: Advancecomp version 2.3 Description: A heap buffer overflow issue was discovered in Advancecomp via the component __interceptor_memcpy at /sanitizer_common/sanitizer_common_interceptors.inc. This issue affects the specified version of...
CVE-2021-41834
JFrog Artifactory prior to version 7.28.0 and 6.23.38 is vulnerable to Broken Access Control: the copy functionality can be used by a low-privileged user to read and copy any artifact that exists in the Artifactory deployment due to improper permissions validation...
JFrog Artifactory security vulnerability
JFrog Artifactory is an open source, general-purpose artifact repository manager from Israel's JFrog that supports clustering and high-availability Docker registries, and provides an end-to-end solution for tracking artifact automation from development to production. A security vulnerabilit...
CuppaCMS has an unspecified vulnerability
CuppaCMS is a content management system (CMS). A security vulnerability exists in CuppaCMS version 1.0, which stems from the fact that CuppaCMS reads arbitrary files via the copy function. No details of the vulnerability are currently available...
CVE-2022-25497
CuppaCMS v1.0 was discovered to contain an arbitrary file read via the copy function...
Code injection
CuppaCMS v1.0 was discovered to contain an arbitrary file read via the copy function...
CuppaCMS security vulnerability
CuppaCMS is a content management system (CMS). A security vulnerability exists in CuppaCMS version 1.0, which stems from the fact that CuppaCMS reads arbitrary files via the copy function. No details of the vulnerability are currently available...
CVE-2022-25401
The copy function of the file manager in Cuppa CMS v1.0 allows any file to be copied to the current directory, granting attackers read access to arbitrary files...
Cuppa CMS access control error vulnerability
CuppaCMS is a content management system (CMS). An access control error vulnerability exists in Cuppa CMS, which stems from the product's file copy function that allows arbitrary files to be copied to the current directory. An attacker could read arbitrary files through this vulnerability. The...
CVE-2020-27486
Garmin Forerunner 235 before 8.20 is affected by: Buffer Overflow. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ application to the ConnectIQ store. The ConnectIQ program interpreter trusts the string length...
AZL-44778 CVE-2020-14019 affecting package python-rtslib 2.1.fb69-9
Open-iSCSI rtslib-fb through 2.1.72 has weak permissions for /etc/target/saveconfig.json because shutil.copyfile instead of shutil.copy is used, and thus permissions are not preserved...
PT-2020-5627 · Qemu +6 · Qemu +6
Name of the Vulnerable Software and Affected Versions: QEMU versions 4.0 through 4.1.0 Description: The issue is related to the rom_copy function in hw/core/loader.c, which does not properly validate the relationship between two addresses. This allows attackers to trigger an invalid memory copy...
CVE-2018-19320
The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 exposes ring0 memcpy-like functionality that could allow a local attacker to take complete control of the affected system...
pcre: stack-based buffer overflow write in pcre32_copy_substring
Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file...
DEBIAN-CVE-2018-14031
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5T_copy in H5T.c...
HDF5 'H5VM_memcpyvv' function out-of-bounds read vulnerability
HDF5 is a free suite of tools for managing the storage of different types of data that can be managed, manipulated, viewed, analyzed, and generated in portable formats. An out-of-bounds read vulnerability exists in the 'H5VM_memcpyvv' function of the H5VM.c file in HDF5 version 1.10.2. A remote...