CVE-2022-1106
use after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2...
CVE-2022-1106 use after free in mrb_vm_exec in mruby/mruby
use after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2...
CVE-2022-1106
CVE-2022-1106 affects mruby/mruby before 3.2. The issue is a use-after-free vulnerability in mrb_vm_exec. Public references consistently identify the vulnerable component as mruby/mruby and the root cause as use-after-free in mrb_vm_exec, with potential for arbitrary code execution (per CNVD). Se...
Use after free in mrb_vm_exec in mruby/mruby
Use after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2...
CVE-2022-1071
Use after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2...
CVE-2022-1071
CVE-2022-1071 affects mruby/mruby prior to 3.2. The issue is a use-after-free in mrb_vm_exec, as documented in multiple sources (e.g., NVD/NIST entry). CVSSv3.1/base scores indicate HIGH severity (8.2) with LOCAL exploitability, low privileges required, UI interaction required, and CHANGED scope,...
CVE-2022-1071 Use after free in mrb_vm_exec in mruby/mruby
Use after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2...
CVE-2021-20323
creationtimestamp | type | source
---|---|---
2022-03-25 21:30:59+00:00 | seen | https://t.me/cibsecurity/39556
2023-04-27 09:58:59+00:00 | confirmed | https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-20323.yaml...
CVE-2022-1064
SQL injection through marking blog comments on bulk as spam in GitHub repository forkcms/forkcms prior to 5.11.1...
SQL injection
SQL injection through marking blog comments on bulk as spam in GitHub repository forkcms/forkcms prior to 5.11.1...
CVE-2022-1064
Fork CMS (forkcms/forkcms) is affected by SQL injection in versions prior to 5.11.1, via the ids parameter in blog comments where bulk marking as spam enables injection. The root cause is lack of validation of externally entered SQL statements in that parameter. Consequences stated include potent...
GHSA-4RQQ-RXVC-V2RC Gitea Open Redirect
Open Redirect on login in GitHub repository go-gitea/gitea prior to 1.16.5...
Gitea Open Redirect
Open Redirect on login in GitHub repository go-gitea/gitea prior to 1.16.5...
CVE-2022-24782
Discourse is an open source discussion platform. Versions 2.8.2 and prior in the stable branch, 2.9.0.beta3 and prior in the beta branch, and 2.9.0.beta3 and prior in the tests-passed branch are vulnerable to a data leak. Users can request an export of their own activity. Sometimes, due to catego...
CVE-2022-24782
Discourse versions 2.8.2 and earlier (stable), 2.9.0.beta3 and earlier (beta and tests-passed) are affected by a data‑leak vulnerability where exporting a user’s activity can reveal secure category names. The root cause is exposure of secure category information in exports (and when posts move to...
SQL injection
SQL Injection in GitHub repository forkcms/forkcms prior to 5.11.1...