791 matches found
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to improper handling of integer values in the storeAtts function. An attacker can cause memory corruption or potentially execute arbitrary code by providing specially crafted input that triggers the...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the xmlwf process when the -d parameter is used to specify an output directory. An attacker can cause unintended behavior or potentially execute arbitrary code by providing a specially crafted output...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the getAttributeId function. An attacker can cause memory corruption or execute arbitrary code by providing specially crafted input that triggers an integer overflow. Remediation A fix was pushed into...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the resolveSystemId function. An attacker can cause unexpected behavior or potentially execute arbitrary code by providing specially crafted input that triggers an integer overflow during processing...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to improper handling of integer values in the copyString function. An attacker can cause memory corruption or potentially execute arbitrary code by providing specially crafted input that triggers the...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the endDoctypeDecl process when handling NOTATION declarations. An attacker can cause memory corruption or potentially execute arbitrary code by providing specially crafted XML input. Remediation A fix...
Unchecked Input for Loop Condition
Overview Affected versions of this package are vulnerable to Unchecked Input for Loop Condition in the SSHMSGEXTINFO handler during the initial handshake process. An attacker can cause the client application to become unresponsive by sending a crafted extension count value that triggers an infini...
Allocation of Resources Without Limits or Throttling
Overview org.webjars.npm:undici is an An HTTP/1.1 client, written from scratch for Node.js Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the handling of WebSocket message fragments. An attacker can cause unbounded memory growth and...
Insertion of Sensitive Information into Log File
Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File in the error handling process for certain API and WebSocket routes, where unsanitized exception...
Buffer Overflow
Overview org.webjars.npm:electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Buffer Overflow in the Buffer API. An attacker can cause application crashes or trigger incorrect memory...
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write via the ICON decoding. An attacker can cause a crash by providing a specially crafted ICON file that triggers an out-of-bounds heap write. Remediation A fix was pushed into the master branch but not yet published...
Improper Resource Shutdown or Release
Overview Affected versions of this package are vulnerable to Improper Resource Shutdown or Release due to improper handling of process termination signals in the timeout mechanism by using the catchable SIGALRM signal instead of the uncatchable SIGKILL signal. An attacker can cause resource...
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the Floyd-Steinberg dithering when handling images with a mask. An attacker can cause a negative heap buffer overwrite by supplying a specially crafted image file. Remediation A fix was pushed into the master bran...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow through the SF3 encoder when handling crafted multi-frame images. An attacker can cause a heap buffer overwrite by submitting specially crafted image data. Remediation A fix was pushed into the master branch b...
Improper Validation of Specified Quantity in Input
Overview Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input in the libnfszdrstring function in lib/libnfs-zdr.c when connecting to a specially crafted NFS server. An attacker can cause an integer overflow and potentially execute arbitrary code o...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization in the handleTokenExchange function. An attacker can gain unauthorized access to restricted resources by exploiting the lack of enforcement of allowed connectors when exchanging tokens. This is only exploitable i...
Double Free
Overview Affected versions of this package are vulnerable to Double Free in the certificate verification path, in the TLS client's OCSP stapling response handling. An attacker operating a malicious server can deliver an OCSP response via the statusrequest extension that corrupts heap memory and...
Covert Channel
Overview Affected versions of this package are vulnerable to Covert Channel information exposure from CMSdecrypt and PKCS7decrypt. An attacker who can supply CMS or S/MIME messages and observe the application's error code and/or decryption output can use the victim's process as an adaptive chosen...
Open Redirect
Overview Affected versions of this package are vulnerable to Open Redirect via the OAuth2Client function. An attacker can redirect users to arbitrary external sites by crafting a malicious link and tricking them into clicking it. Remediation A fix was pushed into the master branch but not yet...
Use of Weak Hash
Overview ms-swift is a Swift: Scalable lightWeight Infrastructure for Fine-Tuning Affected versions of this package are vulnerable to Use of Weak Hash in the Template.savepilimage function in swift/template/base.py. An attacker can exploit a weakness in cache key integrity to tamper with the...