813 matches found
CVE-2022-44617
A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library...
CVE-2021-33642
When a file is processed, an infinite loop occurs in next_inline of the more_curly function...
CVE-2021-33641
When processing files, malloc stores the data of the current line. When processing comments, malloc incorrectly accesses the released memory (use after free)...
Memory corruption
When processing files, malloc stores the data of the current line. When processing comments, malloc incorrectly accesses the released memory (use after free)...
CVE-2021-33642
CVE-2021-33642 (byacc) is confirmed to cause an infinite loop in next_inline() inside the more_curly() function when processing files. Connected sources enumerate affected packages across multiple Linux distributions (e.g., Red Hat, Amazon Linux, EulerOS, OpenVAS entries), with CVE-2021-33641 als...
PT-2023-12221 · Openeuler · Byacc
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: When a file is processed, an infinite loop occurs in the next inline function of the more curly function. Recommendations: At the moment, there is no...
PT-2023-10249 · Unknown · Copperwall Twiddit
Name of the Vulnerable Software and Affected Versions: copperwall Twiddit affected versions not specified Description: A critical issue affects the processing of the file index.php, leading to SQL injection. The estimated number of potentially affected devices worldwide is not available. There is...
DEBIAN-CVE-2023-22809
In Sudo before 1.9.12p2, the sudoedit aka -e feature mishandles extra arguments passed in the user-provided environment variables SUDOEDITOR, VISUAL, and EDITOR, allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected...
CVE-2022-4883
A flaw was found in libXpm. When processing files with .Z or .gz extensions, the library calls external programs to compress and uncompress files, relying on the PATH environment variable to find these programs, which could allow a malicious user to execute other programs by manipulating the PATH...
CVE-2009-10002 dpup fittr-flickr EXIF Preview easy-exif.js cross site scripting
A vulnerability, which was classified as problematic, has been found in dpup fittr-flickr. This issue affects some unknown processing of the file fittr-flickr/features/easy-exif.js of the component EXIF Preview Handler. The manipulation leads to cross site scripting. The attack may be initiated...
PT-2023-10198 · Foxoverflow · Mysimplifiedsql
Name of the Vulnerable Software and Affected Versions: foxoverflow MySimplifiedSQL affected versions not specified Description: A problematic issue has been found in foxoverflow MySimplifiedSQL, affecting the processing of the file MySimplifiedSQL Examples.php. The manipulation of the...
CVE-2022-4602
A vulnerability was found in Shoplazza LifeStyle 1.1. It has been rated as problematic. This issue affects some unknown processing of the file /admin/api/theme-edit/ of the component Review Flow Handler. The manipulation of the argument Title leads to cross site scripting. The attack may be...
Input validation
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing a maliciously crafted file may lead to arbitrary code execution...
CVE-2022-4052
A vulnerability was found in Student Attendance Management System and classified as critical. This issue affects some unknown processing of the file /Admin/createClass.php. The manipulation of the argument Id leads to SQL injection. The attack may be initiated remotely. The exploit has been...
Cross site scripting
A vulnerability was found in eolinker apinto-dashboard and classified as problematic. This issue affects some unknown processing of the file /api/discoveries/. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and ma...
CVE-2022-3803
The CVE-2022-3803 entry concerns eolinker apinto-dashboard. The vulnerability is a cross-site scripting (XSS) issue arising from unknown processing in the /api/discoveries/ path. The root cause is described as improper handling in that endpoint, enabling an attacker to inject malicious script. Se...