Cross site scripting
Cross-site Scripting (XSS) - Reflected in GitHub repository phoronix-test-suite/phoronix-test-suite prior to 10.8.2...
CVE-2022-0572 Heap-based Buffer Overflow in vim/vim
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2...
CVE-2022-0572
CVE-2022-0572 affects vim/vim prior to 8.2. Cause: a heap-based buffer overflow in vim’s ex_retab() (indent.c) triggered by repeated use of :retab. Impact per sources: vulnerability could crash Vim and, in some reporting, enable arbitrary code execution. Affected product: vim/vim (GitHub vim/vim)...
CVE-2022-0572
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2...
Symbolic links in an unpacking routine may enable attackers to read and/or write to arbitrary locations in dbdeployer
Impact: Users unpacking a tarball through dbdeployer may use a maliciously packaged tarball that contains symlinks to files external to the target. In such a scenario, an attacker could induce dbdeployer to write into a system file, thus altering the computer defences. Mitigating factors: For the...
Withdrawn Advisory: OS Command Injection in effect
Withdrawn Advisory: This advisory has been withdrawn because the npm package effect, for which alerts were issued, does not correspond with https://github.com/Javascipt/effect, the repository with the vulnerable code. https://github.com/Javascipt/effect is not in any supported ecosystem...
Design/Logic Flaw
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2...
CVE-2022-0554
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2...
Input validation
Improper Privilege Management in GitHub repository chatwoot/chatwoot prior to v2.2...
Cross site scripting
Cross-site Scripting (XSS) - Stored in GitHub repository chatwoot/chatwoot prior to 2.2.0...
CVE-2022-0527 Cross-site Scripting (XSS) - Stored in chatwoot/chatwoot
Cross-site Scripting (XSS) - Stored in GitHub repository chatwoot/chatwoot prior to 2.2.0...
CVE-2022-0526 Cross-site Scripting (XSS) - Stored in chatwoot/chatwoot
Cross-site Scripting (XSS) - Stored in GitHub repository chatwoot/chatwoot prior to 2.2.0...
CVE-2022-0524
Business Logic Errors in GitHub repository publify/publify prior to 9.2.7...
Code injection
Business Logic Errors in GitHub repository publify/publify prior to 9.2.7...
CVE-2022-0524 Business Logic Errors in publify/publify
Business Logic Errors in GitHub repository publify/publify prior to 9.2.7...
CVE-2022-0521
Access of Memory Location After End of Buffer in GitHub repository radareorg/radare2 prior to 5.6.2...
CVE-2022-0518
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.2...
CVE-2022-0519
Buffer Access with Incorrect Length Value in GitHub repository radareorg/radare2 prior to 5.6.2...