Buffer overflow
Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11. This vulnerability is capable of arbitrary code execution...
CVE-2022-1534
Buffer Over-read at parse_rawml.c:1416 in GitHub repository bfabiszewski/libmobi prior to 0.11. The bug causes the program to read data past the end of the intended buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash...
CVE-2022-1533 Buffer Over-read in bfabiszewski/libmobi
CVE-2022-1534 Buffer Over-read at parse_rawml.c:1416 in bfabiszewski/libmobi
CVE-2022-1531
SQL injection vulnerability in ARAX-UI Synonym Lookup functionality in GitHub repository rtxteam/rtx prior to checkpoint2022-04-20. This vulnerability is critical as it can lead to remote code execution and thus complete server takeover...
CVE-2022-1530
Cross-site Scripting (XSS) in GitHub repository livehelperchat/livehelperchat prior to 3.99v. The attacker can execute malicious JavaScript on the application...
CVE-2022-1531 SQL injection vulnerability in ARAX-UI Synonym Lookup functionality in rtxteam/rtx
CVE-2022-1530 Cross-site Scripting (XSS) in livehelperchat/livehelperchat
CVE-2022-1514
Stored XSS via upload plugin functionality in zip format in GitHub repository neorazorx/facturascripts prior to 2022.06. Cross-site scripting attacks can have devastating consequences. Code injected into a vulnerable application can exfiltrate data or install malware on the user's machine...
Cross-site scripting
CVE-2022-1514 Stored XSS via upload plugin functionality in zip format in neorazorx/facturascripts
Authorization
Missing Authorization in GitHub repository snipe/snipe-it prior to 5.4.4...
SQL injection
Sed Injection Vulnerability in GitHub repository hestiacp/hestiacp prior to 1.5.12. An authenticated remote attacker with low privileges can execute arbitrary code under root context...
CVE-2022-1509 Command Injection Vulnerability in hestiacp/hestiacp
Command Injection Vulnerability in GitHub repository hestiacp/hestiacp prior to 1.5.12. An authenticated remote attacker with low privileges can execute arbitrary code under root context...
CVE-2022-1511 Missing Authorization in snipe/snipe-it
Null pointer dereference
chafa: NULL Pointer Dereference in function gif_internal_decode_frame at libnsgif.c:599 allows attackers to cause a denial of service (crash) via a crafted input file in GitHub repository hpjansson/chafa prior to 1.10.2. chafa: NULL Pointer Dereference in function gif_internal_decode_frame at...
CVE-2022-1507
CVE-2022-1507 chafa: NULL Pointer Dereference in function gif_internal_decode_frame at libnsgif.c:599 allows attackers to cause a denial of service (crash) via a crafted input file in hpjansson/chafa