1017 matches found
CVE-2022-4246 Kakao PotPlayer MID File denial of service
A vulnerability classified as problematic has been found in Kakao PotPlayer. This affects an unknown part of the component MID File Handler. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. T...
PT-2022-23818 · Unknown · Patrickfuller Camp
Name of the Vulnerable Software and Affected Versions: patrickfuller camp versions up to and including commit bbd53a256ed70e79bd8758080936afbf6d738767 Description: The issue concerns Incorrect Access Control. Access to the password.txt file is not properly restricted as it is in the root director...
CVE-2022-3458
A vulnerability has been found in SourceCodester Human Resource Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /employeeview.php of the component Image File Handler. The manipulation leads to unrestricted upload. The attack...
CVE-2022-3458
A vulnerability has been found in SourceCodester Human Resource Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /employeeview.php of the component Image File Handler. The manipulation leads to unrestricted upload. The attack...
Out-of-bounds
A vulnerability has been found in SourceCodester Human Resource Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /employeeview.php of the component Image File Handler. The manipulation leads to unrestricted upload. The attack...
PT-2022-22218 · Sourcecodester · Sourcecodester Human Resource Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Human Resource Management System version 1.0 Description: A critical issue has been found in the Image File Handler component of the SourceCodester Human Resource Management System, specifically affecting an unknown functionali...
Human Resource Management System 安全漏洞
Human Resource Management System is a human resource management system by maverickosama Personal Developer. A security vulnerability exists in Human Resource Management System, which originates from an unknown function in employeeview.php in the Image File Handler, and can be exploited by an...
Critical WhatsApp Bugs Could Have Let Attackers Hack Devices Remotely
WhatsApp has released security updates to address two flaws in its messaging app for Android and iOS that could lead to remote code execution on vulnerable devices. One of them concerns CVE-2022-36934 CVSS score: 9.8, a critical integer overflow vulnerability in WhatsApp that results in the...
jenkins-plugin: Arbitrary file write vulnerability in Pipeline Input Step Plugin
A flaw was found in the Pipeline Input Step Plugin. This issue affects the code of the component Archive File Handler. The manipulation of the argument file with a malicious input leads to a directory traversal vulnerability...
Remote Code Execution
flysystem is vulnerable to remote code execution. An attacker is able to upload and execute malicious code on the system under attack via the component File Handler...
kernel: cgroup: Use open-time creds and namespace for migration perm checks
An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1...
AZL-43666 CVE-2022-31650 affecting package sox 14.4.2.0-34
In SoX 14.4.2, there is a floating-point exception in lsxaiffstartwrite in aiff.c in libsox.a...
GHSA-GJJX-GQM4-WCGM Uncontrolled Resource Consumption in Undertow
It was found that URLResource.getLastModified in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak...
Uncontrolled Resource Consumption in Undertow
It was found that URLResource.getLastModified in Undertow closes the file descriptors only when they are finalized which can cause file descriptors to exhaust. This leads to a file handler leak...
kernel: cgroup: Use open-time creds and namespace for migration perm checks
An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1...
Denial Of Service (DoS)
LibTIFF is vulnerable to denial of service. The vulnerability exists due to a lack of sanitization via the TIFF File Handler of tiff2ps allowing an attacker to crash the system...
DEBIAN-CVE-2022-1210
A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the...
CVE-2022-1210
A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the...
AZL-9302 CVE-2022-1210 affecting package libtiff for versions less than 4.4.0-1
A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the...
CVE-2022-1210
A vulnerability classified as problematic was found in LibTIFF 4.3.0. Affected by this vulnerability is the TIFF File Handler of tiff2ps. Opening a malicious file leads to a denial of service. The attack can be launched remotely but requires user interaction. The exploit has been disclosed to the...