6573 matches found
CVE-2022-2453 Use After Free in gpac/gpac
Use After Free in GitHub repository gpac/gpac prior to 2.1-DEV...
CVE-2022-2454 Integer Overflow or Wraparound in gpac/gpac
Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.1-DEV...
CVE-2022-2400
External Control of File Name or Path in GitHub repository dompdf/dompdf prior to 2.0.0...
CVE-2022-2400
CVE-2022-2400 affects php-dompdf prior to 2.0.0, with Debian/Ubuntu advisories (DLA-4427-1, USN-6277-1/2) documenting a vulnerability where external control of the file name/path could bypass access checks. Debian 11 fix: upgrade to 0.6.2+dfsg-3.1+deb11u1; Ubuntu advisories reference correspondin...
CVE-2022-2400 External Control of File Name or Path in dompdf/dompdf
External Control of File Name or Path in GitHub repository dompdf/dompdf prior to 2.0.0...
GHSA-QWRJ-9HMP-GPXH FlyteAdmin Insufficient AccessToken Expiration Check
Impact: Authenticated users using an external identity provider can continue to use Access Tokens and ID Tokens even after they expire. Using flyteadmin as the OAuth2 Authorization Server is unaffected by this issue. Patches: 1.1.30. Workarounds: Rotating signing keys immediately will: Invalidate all...
EulerOS Virtualization 2.10.1 : vim (EulerOS-SA-2022-2085)
According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563. (CVE-2022-0943) Note that Tenable Network...
Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2022-2070)
The remote host is missing an update for the Huawei EulerOS...
openSUSE 15 Security Update : chafa (openSUSE-SU-2022:10044-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:10044-1 advisory. - Buffer Over-read in GitHub repository hpjansson/chafa prior to 1.10.3. (CVE-2022-2301) Note that Nessus has not tested for this issue but has inste...
CVE-2022-2368 Authentication Bypass by Spoofing in microweber/microweber
Authentication Bypass by Spoofing in GitHub repository microweber/microweber prior to 1.2.20...
CVE-2022-31584
The stonethree/s3label repository through 2019-08-14 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely...
CVE-2022-31577
The longmaoteamtf/audioalignerapp repository through 2020-01-10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely...
CVE-2022-31586
The unizar-30226-2019-06/ChangePop-Back repository through 2019-06-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely...
CVE-2022-31587
The yuriyouzhou/KG-fashion-chatbot repository through 2018-05-22 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely...
CVE-2022-31550
The olmax99/pyathenastack repository through 2019-11-08 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely...
CVE-2022-31554
The rohitnayak/movie-review-sentiment-analysis repository through 2017-05-07 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely...
CVE-2022-31572
The ceee-vip/cockybook repository through 2015-04-16 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely...
CVE-2022-31565
The yogson/syrabond repository through 2020-05-25 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely...