390 matches found
CVE-2016-10823
cPanel before 55.9999.141 allows arbitrary code execution in the context of the root account because of MakeText interpolation SEC-89...
CVE-2018-20885
cPanel before 74.0.0 allows Apache HTTP Server configuration injection because of DocumentRoot variable interpolation SEC-416...
CVE-2019-10362
Jenkins Configuration as Code Plugin 1.24 and earlier did not escape values resulting in variable interpolation during configuration import when exporting, allowing attackers with permission to change Jenkins system configuration to obtain the values of environment variables...
CVE-2013-4457
The Cocaine gem 0.4.0 through 0.5.2 for Ruby allows context-dependent attackers to execute arbitrary commands via a crafted has object, related to recursive variable interpolation...
LLM-Text Watermarking Based on Lagrange Interpolation
The rapid advancement of LLMs Large Language Models has established them as a foundational technology for many AI and ML-powered human computer interactions. A critical challenge in this context is the attribution of LLM-generated text -- either to the specific language model that produced it or ...
Notes on Univariate Sumcheck
These notes describe an adaptation of the multivariate sumcheck protocol to univariate polynomials interpolated over roots of unity...
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Amendment This was deemed not a vulnerability. Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in the $ shell API due to improper neutralization of user input. An attacker can exploit this by...
SUSE CVE-2022-49612
In the Linux kernel, the following vulnerability has been resolved: power: supply: core: Fix boundary conditions in interpolation The functions powersupplytemp2resistsimple and powersupplyocv2capsimple handle boundary conditions incorrectly. The change was introduced in...
CVE-2022-49612
In the Linux kernel, the following vulnerability has been resolved: power: supply: core: Fix boundary conditions in interpolation The functions powersupplytemp2resistsimple and powersupplyocv2capsimple handle boundary conditions incorrectly. The change was introduced in...
DEBIAN-CVE-2022-49612
In the Linux kernel, the following vulnerability has been resolved: power: supply: core: Fix boundary conditions in interpolation The functions powersupplytemp2resistsimple and powersupplyocv2capsimple handle boundary conditions incorrectly. The change was introduced in...
UBUNTU-CVE-2022-49612
In the Linux kernel, the following vulnerability has been resolved: power: supply: core: Fix boundary conditions in interpolation The functions powersupplytemp2resistsimple and powersupplyocv2capsimple handle boundary conditions incorrectly. The change was introduced in...
CVE-2022-49612
CVE-2022-49612 discusses a Linux kernel vulnerability in the power: supply: core interpolation logic. The issue lies in boundary handling within power_supply_temp2resist_simple and power_supply_ocv2cap_simple, introduced by a4585ba2050f460f749bbaf2b67bd56c41e30283 (power: supply: core: Use librar...
CVE-2022-49612
In the Linux kernel, the following vulnerability has been resolved: power: supply: core: Fix boundary conditions in interpolation The functions powersupplytemp2resistsimple and powersupplyocv2capsimple handle boundary conditions incorrectly. The change was introduced in...
CVE-2022-49612 power: supply: core: Fix boundary conditions in interpolation
In the Linux kernel, the following vulnerability has been resolved: power: supply: core: Fix boundary conditions in interpolation The functions powersupplytemp2resistsimple and powersupplyocv2capsimple handle boundary conditions incorrectly. The change was introduced in...
CVE-2022-49612 power: supply: core: Fix boundary conditions in interpolation
In the Linux kernel, the following vulnerability has been resolved: power: supply: core: Fix boundary conditions in interpolation The functions powersupplytemp2resistsimple and powersupplyocv2capsimple handle boundary conditions incorrectly. The change was introduced in...
apache-commons-text: variable interpolation RCE
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code...
apache-commons-text: variable interpolation RCE
A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code...
log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender
A flaw was found in the Java logging library Apache Log4j in version 1.x. JDBCAppender in Log4j 1.x is vulnerable to SQL injection in untrusted data. This allows a remote attacker to run SQL statements in the database if the deployed application is configured to use JDBCAppender with certain...
FreeBSD : Gitlab -- Vulnerabilities (92cd1c03-2940-11ef-bc02-001b217b3468)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 92cd1c03-2940-11ef-bc02-001b217b3468 advisory. Gitlab reports: ReDoS in gomod dependency linker ReDoS in CI interpolation fix bypass ReDoS in...
Gitlab -- Vulnerabilities
Gitlab reports: ReDoS in gomod dependency linker ReDoS in CI interpolation fix bypass ReDoS in Asana integration issue mapping when webhook is called XSS and content injection when viewing raw XHTML files on iOS devices Missing agentk request validation could cause KAS to panic...