2078 matches found
keylime security vulnerability
Keylime is an open source extensible trust system for Keylime that utilizes TPM technology. There is a security vulnerability in Keylime; there is no information about this vulnerability yet. Please stay tuned to CNNVD or the vendor announcement...
expat: Integer overflow in defineAttribute in xmlparse.c
expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag, libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...
expat: Integer overflow in doProlog in xmlparse.c
expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag, libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...
expat: Integer overflow in nextScaffoldPart in xmlparse.c
expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag, libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...
expat: Large number of prefixed XML attributes on a single tag can crash libexpat
expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag, libexpat can terminate unexpectedly due to buffer overrun. The highest threat from this vulnerability is to availability...
CVE-2022-33938
A format string injection vulnerability exists in the ghomeprocesscontrolpacket functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted XCMD can lead to memory corruption, information disclosure and denial of service. An attacker can send a malicious X...
PT-2022-6771 · Google +1 · Google Chrome +1
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 107.0.5304.62. Description: The issue is related to an inappropriate implementation in XML, allowing a remote attacker to potentially perform an ASLR bypass via a crafted HTML page. This is due to insufficient...
Abode Iota security vulnerability
Abode Iota is a reliable DIY home security system from Abode. A security vulnerability exists in Abode Iota versions 6.9X and 6.9Z, which stems from a denial of service caused by an attacker who can send a malicious XML payload to its XCMD doDebug function...
Abode Iota security vulnerability
Abode Iota is a reliable DIY home security system from Abode. A security vulnerability exists in Abode Iota versions 6.9X and 6.9Z, which stems from a stack-based buffer overflow in the XCMD setIPCam function that can be exploited by an attacker to send a malicious XML payload to execute arbitrar...
CVE-2022-22226
In VxLAN scenarios on EX4300-MP, EX4600, QFX5000 Series devices, an Uncontrolled Memory Allocation vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated adjacently located attacker sending specific packets to cause a Denial of Service (DoS) conditio...
CVE-2022-3244
The Import all XML, CSV & TXT WordPress plugin before 6.5.8 does not have authorisation in some places, which could allow any authenticated users to access some of the plugin features if they manage to get the related nonce...
WordPress Plugin Import all XML, CSV & TXT SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. WordPress Plugin Import all XML, CSV & TXT ...
Fedora: Security Advisory for weechat (FEDORA-2022-b81c4781af)
The remote host is missing an update for the...
Dell BIOS input validation error vulnerability
Dell BIOS is embedded software on a small memory chip on a computer motherboard from Dell USA. A security vulnerability exists in Dell BIOS that stems from incorrect input validation. An attacker could exploit the vulnerability to modify UEFI variables...
SAP 3D Visual Enterprise Author buffer error vulnerability
SAP 3D Visual Enterprise Author is a desktop application for managing 2D, 3D, animation, video and audio assets from SAP. A buffer overflow vulnerability exists in SAP 3D Visual Enterprise Author version 9, which stems from a lack of proper memory management and can be exploited by an attacker to...
Polycom RealPresence Resource Manager security vulnerability
Polycom RealPresence Resource Manager is a device management software from Polycom USA. It provides centralized management of all your support devices, from mobile devices to desktops and conference phones, through video conference room systems and telepresence. A security vulnerability exists in...
[SECURITY] Fedora 35 Update: enlightenment-0.25.4-1.fc35
Enlightenment window manager is a lean, fast, modular and very extensible window manager for X11 and Linux. It is classed as a "desktop shell" providing the things you need to operate your desktop or laptop, but is not a whole application suite. This covered launching applications, managing...
OESA-2022-1966 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free. (CVE-2022-40307) A flaw use after free in the Linux kernel video4linux driver wa...
Number withdrawn
Python is an open source, object-oriented programming language from the Python Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. This CVE number has been withdrawn...
DEBIAN-CVE-2022-39835
An issue was discovered in Gajim through 1.4.7. The vulnerability allows attackers, via crafted XML stanzas, to correct messages that were not sent by them. The attacker needs to be part of the group chat or single chat. The fixed version is 1.5.0...