GHSA-X39J-H85H-3F46 go-merkledag's ProtoNode may be modified such that common method calls may panic

Impact A ProtoNode may be modified in such a way as to cause various encode errors which will trigger a panic on common method calls that don't allow for error returns. A ProtoNode should only be able to encode to valid DAG-PB, attempting to encode invalid DAG-PB forms will result in an error fro...

XSS to LFI in Runcode Feature

Description By default runcode santized document prefix but if html encode to...

GSD-2022-1006970 usb: gadget: uvc: fix sg handling during video encode

usb: gadget: uvc: fix sg handling during video encode This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.77 by commit...

GSD-2022-1006668 usb: gadget: uvc: fix sg handling during video encode

usb: gadget: uvc: fix sg handling during video encode This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.7 by commit...

CVE-2022-3965

A vulnerability classified as problematic was found in ffmpeg. This vulnerability affects the function smcencodestream of the file libavcodec/smcenc.c of the component QuickTime Graphics Video Encoder. The manipulation of the argument ysize leads to out-of-bounds read. The attack can be initiated...

PT-2022-7212 · FFmpeg +2 · Ffmpeg +2

Name of the Vulnerable Software and Affected Versions: FFmpeg affected versions not specified Description: The issue is related to the smc encode stream function in the libavcodec/smcenc.c component of the FFmpeg library. It involves an out-of-bounds read due to the manipulation of the y size...

WP User Frontend < 3.5.29 - Obscure Registration as Admin

The plugin uses a user supplied argument called urhidden in its registration form, which contains the role for the account to be created with, encrypted via wpufencryption. This could allow an attacker having access to the AUTHKEY and AUTHSALT constant via an arbitrary file access issue for...

CVE-2022-39350 @dependencytrack/frontend vulnerable to Persistent Cross-Site-Scripting via Vulnerability Details

@dependencytrack/frontend is a Single Page Application SPA used in Dependency-Track, an open source Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain. Due to the common practice of providing vulnerability details in markdown format, the...

AZL-11318 CVE-2021-46848 affecting package libtasn1 for versions less than 4.19.0-1

GNU Libtasn1 before 4.19.0 has an ETYPEOK off-by-one array size check that affects asn1encodesimpleder...

Huawei EulerOS: Security Advisory for perl-Encode (EulerOS-SA-2022-2433)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for perl-Encode (EulerOS-SA-2022-2420)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP10 : perl-Encode (EulerOS-SA-2022-2433)

According to the versions of the perl-Encode package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Encode.pm, as distributed in Perl through 5.34.0, allows local users to gain privileges via a Trojan horse Encode::ConfigLocal library in th...

EulerOS 2.0 SP10 : perl-Encode (EulerOS-SA-2022-2420)

According to the versions of the perl-Encode package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Encode.pm, as distributed in Perl through 5.34.0, allows local users to gain privileges via a Trojan horse Encode::ConfigLocal library in th...

Kadence WooCommerce Email Designer < 1.5.7 - Admin+ PHP Objection Injection

The plugin unserialises the content of an imported file, which could lead to PHP object injections issues when an admin import intentionally or not a malicious file and a suitable gadget chain is present on the blog. To simulate a gadget chain, put the following code in a plugin class Evil public...

PT-2022-37310 · Oracle · Java

Name of the Vulnerable Software and Affected Versions: java versions affected versions not specified Description: The issue is related to a security exception. Technical details about the crash include the Parser.parseConditionalExpression function and the CESU 8$Encoder.encodeLoop method in...

Cross-site Scripting (XSS)

craftcms/cms is vulnerable to cross-site scripting. The vulnerability exists because the fldTabHtml and fldFieldSelectorsHtml functions of Cp.php does not properly encode the tab and groupName parameters, allowing an attacker to inject and execute malicious javascript...

Download Monitor < 4.5.98 - Admin+ Arbitrary File Download

The plugin does not ensure that files to be downloaded are inside the blog folders, and not sensitive, allowing high privilege users such as admin to download the wp-config.php or /etc/passwd even in an hardened environment or multisite setup. Create a new download on:...

PT-2022-37213 · Git +1 · Opensc

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-double-free crash. Technical details about the crash include the function names sc pkcs15 encode df, sc pkcs15init update...

PT-2022-5380

Name of the Vulnerable Software and Affected Versions GNU Libtasn1 versions prior to 4.19.0 Description The issue is related to an off-by-one error in the asn1 encode simple der function of the Libtasn1 library. This can be exploited by a remote attacker to disclose protected information or cause...

Security feature bypass

An exponential ReDoS Regular Expression Denial of Service can be triggered in the eth-account PyPI package, when an attacker is able to supply arbitrary input to the encodestructureddata method...