6573 matches found
CVE-2021-3850
CVE-2021-3850 affects libphp-adodb, a PHP database abstraction layer used with adodb/adodb. The flaw allows injection into the PostgreSQL connection string by bypassing adodb_addslashes(), potentially enabling authentication bypass or exposing server information, depending on usage. Patches exist...
CVE-2021-3850
Authentication Bypass by Primary Weakness in GitHub repository adodb/adodb prior to 5.20.21...
CVE-2022-0351
Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2...
CVE-2022-0351 Access of Memory Location Before Start of Buffer in vim/vim
Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2...
Improper Access Control in janeczku/calibre-web
Description: With default settings, low-level users do not have permission to read the name of a private shelf created by another user and not in public mode. However, due to incorrect HTML rendering, the application does not work as intended. Proof of Concept - Step 1: Log in with admin account and ...
CVE-2021-4103 Cross-site Scripting (XSS) - Stored in vanessa219/vditor
Cross-site Scripting (XSS) - Stored in GitHub repository vanessa219/vditor prior to 1.0.34...
CVE-2021-4172
Cross-site Scripting (XSS) - Stored in GitHub repository star7th/showdoc prior to 2.10.2...
Cross site scripting
Cross-site Scripting (XSS) - Stored in GitHub repository star7th/showdoc prior to 2.10.2...
Denial of service in CBOR library
Impact: Due to this library's use of an inefficient algorithm, it is vulnerable to a denial of service attack when a maliciously crafted input is passed to DecodeFromBytes or other CBOR decoding mechanisms in this library. Affected versions include versions 4.0.0 through 4.5.0. This vulnerability...
GHSA-VXH4-X6GV-MPHF Cross-Site Request Forgery (CSRF) in livehelperchat/livehelperchat
Cross-Site Request Forgery (CSRF) in GitHub repository livehelperchat/livehelperchat...
Cross-Site Request Forgery (CSRF) in livehelperchat/livehelperchat
Cross-Site Request Forgery (CSRF) in GitHub repository livehelperchat/livehelperchat...
XXE
Improper Restriction of XML External Entity Reference in GitHub repository skylot/jadx prior to 1.3.2...
CVE-2022-0219 Improper Restriction of XML External Entity Reference in skylot/jadx
Improper Restriction of XML External Entity Reference in GitHub repository skylot/jadx prior to 1.3.2...
CVE-2021-3866
Cross-site Scripting (XSS) - Stored in GitHub repository zulip/zulip more than and including 44f935695d452cc3fb16845a0c6af710438b153d and prior to 3eb2791c3e9695f7d37ffe84e0c2184fae665cb6...
CVE-2022-0261
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2...
CVE-2021-4146
Business Logic Errors in GitHub repository pimcore/pimcore prior to 10.2.6...
Heap overflow
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2...
Code injection
Business Logic Errors in GitHub repository pimcore/pimcore prior to 10.2.6...