steal resource management error vulnerability
steal is StealJS's open source, extensible, general-purpose module loader. It can load JavaScript modules defined in ES6, AMD and CommonJS formats. A security vulnerability exists in steal 2.2.4, which originates from a StealJS Regular Expression Denial of Service (ReDoS) via the source and...
CVE-2022-40307
An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free...
DEBIAN-CVE-2022-40307
An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free...
AZL-10904 CVE-2022-40307 affecting package kernel for versions less than 5.15.70.1-1
An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free...
UBUNTU-CVE-2022-40307
An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free...
Linux kernel race condition vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel versions prior to 5.19.8 suffer from a race condition vulnerability that stems from a race condition in its drivers/firmware/efi/capsule-loader...
PT-2022-4754 · Linux +6 · Linux Kernel +6
Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.19.8 Description: The issue is related to a use-after-free condition in the Linux kernel, specifically in the drivers/firmware/efi/capsule-loader.c component. This condition arises due to a race condition, whic...
Rizin buffer error vulnerability
Rizin is a free open source reverse engineering framework from the Rizin organization. It is used for analyzing binary files, disassembling code, debugging programs, as a forensic tool, as a scriptable command-line hex editor capable of opening disk files, and more. A buffer error vulnerability...
CVE-2022-1888
Alpha7 PC Loader (all versions) is vulnerable to a stack-based buffer overflow while processing a specifically crafted project file, which may allow an attacker to execute arbitrary code...
Stack overflow
Alpha7 PC Loader (all versions) is vulnerable to a stack-based buffer overflow while processing a specifically crafted project file, which may allow an attacker to execute arbitrary code...
CVE-2022-1888 Fuji Electric Alpha7 PC Loader
Alpha7 PC Loader (all versions) is vulnerable to a stack-based buffer overflow while processing a specifically crafted project file, which may allow an attacker to execute arbitrary code...
CVE-2022-1888
CVE-2022-1888 affects Fuji Electric Alpha7 PC Loader (all versions). The issue is a stack-based buffer overflow that occurs while processing a specifically crafted project file, potentially allowing arbitrary code execution. CVSS indicates a HIGH impact with local attack vector and user interacti...
CVE-2022-34303
A flaw was found in Eurosoft bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use...
PT-2022-10737 · Red Hat · Keycloak
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns ClassLoaderTheme and ClasspathThemeResourceProviderFactory, which allow reading any file available as a resource to the classloader. ...
Ubuntu: Security Advisory (USN-103-1)
The remote host is missing an update for the...
SUSE SLES15 Security Update : python-PyYAML (SUSE-SU-2022:2841-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2841-1 advisory. - CVE-2020-1747: Fixed an arbitrary code execution issue when parsing an untrusted YAML file with the default loader (bsc#1165439). -...
MAL-2022-6306 Malicious code in stklus-loaer (npm)
Source: ghsa-malware (7e561a36b793215d238ce833fba5aeb0db52df8493ea94d982756b4da2fcf24c). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-5933 Malicious code in sass-loadre (npm)
Source: ghsa-malware (bb51edea624a3e91103abc49a51dd9751f229edb78a32272995972dd71e8927c). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...