6573 matches found
Design/Logic Flaw
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440...
Improper access control
Improper Access Control in GitHub repository chocobozzz/peertube prior to 4.1.0...
CVE-2022-0729
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440...
CVE-2022-0727
CVE-2022-0727 affects chocobozzz/peertube (prior to version 4.1.0) with improper access control. The Red Hat/ENISA/CNVD/OSV/etc. entries and the Huntr PoC confirm the root cause: the app does not properly check video status when making data changes, enabling a user to rate private videos via API ...
CVE-2022-0724
Insecure Storage of Sensitive Information in GitHub repository microweber/microweber prior to 1.3...
Code injection
Insertion of Sensitive Information Into Debugging Code in GitHub repository microweber/microweber prior to 1.3...
Information disclosure
Insecure Storage of Sensitive Information in GitHub repository microweber/microweber prior to 1.3...
CVE-2022-0724
Vulnerability summary (CVE-2022-0724): In microweber/microweber, versions before 1.3 store uploaded profile images with EXIF data intact, causing information disclosure. The root cause is that EXIF data is not stripped during upload, exposing user geolocation, device information, and software det...
CVE-2022-0721 Insertion of Sensitive Information Into Debugging Code in microweber/microweber
Insertion of Sensitive Information Into Debugging Code in GitHub repository microweber/microweber prior to 1.3...
Design/Logic Flaw
Insecure Temporary File in GitHub repository mlflow/mlflow prior to 1.23.1...
PYSEC-2022-28
Insecure Temporary File in GitHub repository mlflow/mlflow prior to 1.23.1...
CVE-2022-0736 Insecure Temporary File in mlflow/mlflow
Insecure Temporary File in GitHub repository mlflow/mlflow prior to 1.23.1...
CVE-2022-0736
CVE-2022-0736 affects mlflow/mlflow prior to 1.23.1, describing an insecure temporary file issue. The root cause is use of the deprecated tempfile.mktemp() pattern in the affected code, with remediation to upgrade to mlflow 1.23.1 or later as indicated by OSV/GHSA entries. The connected sources c...
CVE-2022-0717
Out-of-bounds Read in GitHub repository mruby/mruby prior to 3.2...
Design/Logic Flaw
Out-of-bounds Read in GitHub repository mruby/mruby prior to 3.2...
CVE-2022-0717 Out-of-bounds Read in mruby/mruby
Out-of-bounds Read in GitHub repository mruby/mruby prior to 3.2...
CVE-2022-0717
Out-of-bounds Read in GitHub repository mruby/mruby prior to 3.2...
CVE-2022-0717 Out-of-bounds Read in mruby/mruby
Out-of-bounds Read in GitHub repository mruby/mruby prior to 3.2...
CVE-2022-0654
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository fgribreau/node-request-retry prior to 7.0.0...
microweber 安全漏洞
Microweber is an online store management system that provides drag and drop functionality from the Microweber community in the United States. The system includes modules for adding products, images, and more. A security vulnerability exists in microweber versions prior to 1.3, which stems from th...