Lucene search

6680 matches found

Prion
added 2021/07/18 4:15 a.m. · 16 views

Code injection

uBlock Origin before 1.36.2 and nMatrix before 4.4.9 support an arbitrary depth of parameter nesting for strict blocking, which allows crafted web sites to cause a denial of service (unbounded recursion that can trigger memory consumption and a loss of all blocking functionality)...

5 CVSS · 7.5 AI score · 0.01261 EPSS
Exploits 1 · References 3 · Affected Software 4
OSV
added 2021/07/18 4:15 a.m. · 0 views

UBUNTU-CVE-2021-36773

uBlock Origin before 1.36.2 and nMatrix before 4.4.9 support an arbitrary depth of parameter nesting for strict blocking, which allows crafted web sites to cause a denial of service (unbounded recursion that can trigger memory consumption and a loss of all blocking functionality)...

7.5 CVSS · 5.9 AI score · 0.01261 EPSS
Exploits 1 · References 3
CVE
added 2021/07/18 3:34 a.m. · 132 views

CVE-2021-36773

CVE-2021-36773 affects the browser extensions uBlock Origin (before 1.36.2) and nMatrix (before 4.4.9). The vulnerability arises from allowing an arbitrary depth of parameter nesting in strict blocking, which can be exploited by crafted websites to trigger unbounded recursion, resulting in memory...

7.5 CVSS · 7.4 AI score · 0.01261 EPSS
Exploits 1 · References 3 · Affected Software 3
Debian CVE
added 2021/07/18 3:34 a.m. · 22 views

CVE-2021-36773

uBlock Origin before 1.36.2 and nMatrix before 4.4.9 support an arbitrary depth of parameter nesting for strict blocking, which allows crafted web sites to cause a denial of service (unbounded recursion that can trigger memory consumption and a loss of all blocking functionality)...

7.5 CVSS · 7.5 AI score · 0.01261 EPSS
Exploits 1
OSV
added 2021/07/16 11:27 a.m. · 4 views

SUSE-SU-2021:2389-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 78.12.0 ESR Fixed: Various stability, functionality, and security fixes MFSA 2021-29 bsc1188275 CVE-2021-29970: Use-after-free in accessibility features of a document CVE-2021-30547: Out of bounds write in...

8.8 CVSS · 9.5 AI score · 0.03582 EPSS
Exploits 1 · References 5
OSV
added 2021/07/16 11:15 a.m. · 3 views

CVE-2021-21816

An information disclosure vulnerability exists in the Syslog functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to the disclosure of sensitive information. An attacker can send an HTTP request to trigger this vulnerability...

4.3 CVSS · 7.3 AI score · 0.36486 EPSS
Exploits 1 · References 1
OSV
added 2021/07/16 9:9 a.m. · 5 views

SUSE-SU-2021:14766-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 78.12.0 ESR Fixed: Various stability, functionality, and security fixes MFSA 2021-29 bsc1188275 CVE-2021-29970: Use-after-free in accessibility features of a document CVE-2021-30547: Out of bounds write in...

8.8 CVSS · 9.5 AI score · 0.03582 EPSS
Exploits 1 · References 5
OSV
added 2021/07/15 5:15 p.m. · 17 views

CVE-2021-32750

MuWire is a file publishing and networking tool that protects the identity of its users by using I2P technology. Users of MuWire desktop client prior to version 0.8.8 can be de-anonymized by an attacker who knows their full ID. An attacker could send a message with a subject line containing a URL...

5.7 CVSS · 6.5 AI score
Exploits 0 · References 1
NVD
added 2021/07/15 5:15 p.m. · 8 views

CVE-2021-32750

MuWire is a file publishing and networking tool that protects the identity of its users by using I2P technology. Users of MuWire desktop client prior to version 0.8.8 can be de-anonymized by an attacker who knows their full ID. An attacker could send a message with a subject line containing a URL...

6.8 CVSS · 0.00842 EPSS
Exploits 1 · References 1
Prion
added 2021/07/15 5:15 p.m. · 11 views

Design/Logic Flaw

MuWire is a file publishing and networking tool that protects the identity of its users by using I2P technology. Users of MuWire desktop client prior to version 0.8.8 can be de-anonymized by an attacker who knows their full ID. An attacker could send a message with a subject line containing a URL...

3.5 CVSS · 5.4 AI score · 0.00842 EPSS
Exploits 1 · References 1 · Affected Software 1
Cvelist
added 2021/07/15 4:35 p.m. · 11 views

CVE-2021-32750 De-anonymization via message

MuWire is a file publishing and networking tool that protects the identity of its users by using I2P technology. Users of MuWire desktop client prior to version 0.8.8 can be de-anonymized by an attacker who knows their full ID. An attacker could send a message with a subject line containing a URL...

6.8 CVSS · 6.6 AI score · 0.00842 EPSS
Exploits 1 · References 1
CNVD
added 2021/07/15 12:0 a.m. · 12 views

Booking Core has an unspecified vulnerability

Booking Core is an application. A Laravel-based booking system designed for travel websites, malls, travel agents, tour operators, B&Bs, villa rentals, resort rentals, Make Travel websites. Booking Core has a security vulnerability that stems from the subscription functionality in Ultimate Booking...

7.8 CVSS · 1.3 AI score · 0.00898 EPSS
Exploits 0 · References 1
Tenable Nessus
added 2021/07/13 12:0 a.m. · 37 views

Amazon Linux AMI : rpm (ALAS-2021-1521)

The version of rpm installed on the remote host is prior to 4.11.3-40.79. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1521 advisory. A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can...

7 CVSS · 6.7 AI score · 0.00827 EPSS
Exploits 0 · References 5
Positive Technologies
added 2021/07/08 12:0 a.m. · 3 views

PT-2021-14797 · Accusoft · Accusoft Imagegear

Name of the Vulnerable Software and Affected Versions: Accusoft ImageGear version 19.9 Description: A stack-based buffer overflow issue exists in the PDF process fontname functionality. This can be triggered by a specially crafted malformed file, potentially leading to code execution. An attacker...

9.8 CVSS · 9.8 AI score · 0.01963 EPSS
Exploits 1 · References 2
NVD
added 2021/07/06 11:15 a.m. · 11 views

CVE-2021-24451

The Export Users With Meta WordPress plugin before 0.6.5 did not escape the list of roles to export before using them in a SQL statement in the export functionality, available to admins, leading to an authenticated SQL Injection...

7.2 CVSS · 0.01416 EPSS
Exploits 2 · References 1
Prion
added 2021/07/06 11:15 a.m. · 14 views

SQL injection

The Export Users With Meta WordPress plugin before 0.6.5 did not escape the list of roles to export before using them in a SQL statement in the export functionality, available to admins, leading to an authenticated SQL Injection...

6.5 CVSS · 7 AI score · 0.01416 EPSS
Exploits 2 · References 1 · Affected Software 1
OpenVAS
added 2021/07/06 12:0 a.m. · 24 views

Fedora: Security Advisory for libtpms (FEDORA-2021-465b5c3b67)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.1 CVSS · 6.4 AI score · 0.00308 EPSS
Exploits 0 · References 2
NVD
added 2021/07/02 4:15 p.m. · 12 views

CVE-2021-23402

All versions of package record-like-deep-assign are vulnerable to Prototype Pollution via the main functionality...

9.8 CVSS · 0.01171 EPSS
Exploits 1 · References 2
CNNVD
added 2021/07/02 12:0 a.m. · 1 views

record-like-deep-assign code issue vulnerability

record-like-deep-assign is a package. A code issue vulnerability exists in record-like-deep-assign that stems from a prototype contamination affecting key functionality within the plugin. No details of the vulnerability are provided at this time...

9.8 CVSS · 5.6 AI score · 0.01171 EPSS
Exploits 1 · References 3
Tenable Nessus
added 2021/07/01 12:0 a.m. · 56 views

EulerOS 2.0 SP9 : binutils (EulerOS-SA-2021-2047)

According to the versions of the binutils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There's a flaw in the BFD library of binutils in versions before 2.36. An attacker who supplies a crafted file to an application linked with BF...

6.3 CVSS · 7 AI score · 0.00307 EPSS
Exploits 0 · References 3