5833 matches found
CVE-2022-41738 IBM Spectrum Scale security bypass
IBM Storage Scale Container Native Storage Access 5.1.2.1 -through 5.1.7.0 could allow an attacker to initiate connections to containers from external networks. IBM X-Force ID: 237812...
CVE-2022-41738 IBM Spectrum Scale security bypass
IBM Storage Scale Container Native Storage Access 5.1.2.1 -through 5.1.7.0 could allow an attacker to initiate connections to containers from external networks. IBM X-Force ID: 237812...
[SECURITY] Fedora 38 Update: libgit2-1.6.5-1.fc38
libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API, allowing you to write native speed custom Git applications in any language with bindings...
IBM Storage Scale Security Vulnerability
IBM Storage Scale is a storage solution from International Business Machines IBM designed to help organizations efficiently manage and scale storage resources to meet growing data storage needs. A security vulnerability exists in IBM Storage Scale Container Native, which stems from a vulnerabilit...
IBM Storage Scale Authorization Issues Vulnerability
IBM Storage Scale is a storage solution from International Business Machines IBM designed to help organizations efficiently manage and scale storage resources to meet growing data storage needs. An authorization issue vulnerability exists in IBM Storage Scale Container Native, which stems from a...
@icanbwell/composite (>=1.89.4 <=1.202.0), @icanbwell/native-components (>=0.21.6 <=0.31.0) +4 more potentially affected by CVE-2024-25466 via react-native-document-picker (>=9.0.1 <=9.1.0)
react-native-document-picker NPM version =9.0.1, =1.89.4, =0.21.6, =0.14.5, =1.1.0, =1.8.0 - @likeminds.community/feed-rn-core =0.6.0 - @likeminds.community/feed-rn-core-beta =0.0.1 Source cves: CVE-2024-25466 Source advisory: OSV:GHSA-PMGM-H3CC-M4HJ...
@armiasystems/react-native-armia-chat-sdk (>=1.0.8 <=1.0.9), @kafudev/react-native-core (>=1.0.1 <=1.0.4) +42 more potentially affected by CVE-2024-25466 via react-native-document-picker (>=2.3.0 <=8.2.0)
react-native-document-picker NPM version =2.3.0, =1.0.8, =1.0.1, =0.64.1-beta.46, =0.5.0, =0.0.8, =0.0.14, =0.0.186, =0.0.5, =2.46.0, =1.0.0, =0.0.24, =0.0.1, =1.1.12 - abc123efgh =1.0.0 and more Source cves: CVE-2024-25466 Source advisory: OSV:GHSA-PMGM-H3CC-M4HJ...
GHSA-PMGM-H3CC-M4HJ React Native Document Picker Directory Traversal vulnerability
Directory Traversal vulnerability in React Native Document Picker before 8.2.2 and 9.x before 9.1.1 allows a local attacker to execute arbitrary code via a crafted script to the Android library component...
React Native Document Picker Directory Traversal vulnerability
Directory Traversal vulnerability in React Native Document Picker before 8.2.2 and 9.x before 9.1.1 allows a local attacker to execute arbitrary code via a crafted script to the Android library component...
CVE-2024-25466
Directory Traversal vulnerability in React Native Document Picker before v.9.1.1 and fixed in v.9.1.1 allows a local attacker to execute arbitrary code via a crafted script to the Android library component...
CVE-2024-25466
Directory Traversal vulnerability in React Native Document Picker before v.9.1.1 and fixed in v.9.1.1 allows a local attacker to execute arbitrary code via a crafted script to the Android library component...
Directory traversal
Directory Traversal vulnerability in React Native Document Picker before v.9.1.1 and fixed in v.9.1.1 allows a local attacker to execute arbitrary code via a crafted script to the Android library component...
CVE-2024-25466
Directory Traversal vulnerability in React Native Document Picker before v.9.1.1 and fixed in v.9.1.1 allows a local attacker to execute arbitrary code via a crafted script to the Android library component...
PT-2024-20960 · Unknown · React Native Document Picker
Name of the Vulnerable Software and Affected Versions: React Native Document Picker versions prior to 9.1.1 React Native Document Picker version 8.2.2 and earlier Description: A Directory Traversal issue allows a local attacker to execute arbitrary code via a crafted script to the Android library...
CVE-2024-25466
Directory Traversal vulnerability in React Native Document Picker before v.9.1.1 and fixed in v.9.1.1 allows a local attacker to execute arbitrary code via a crafted script to the Android library component...
React Native Security Vulnerabilities
React Native is an open source JavaScript framework. It is used to build user interfaces and native applications. A security vulnerability exists in React Native Document Picker versions prior to v.9.1.1, which stems from a path traversal vulnerability in the component Android library...
CVE-2024-25466
CVE-2024-25466 is a directory traversal vulnerability in React Native Document Picker affecting versions prior to 9.1.1 . The root cause is an Android library component that processes crafted scripts, allowing a local attacker to execute arbitrary code. The vulnerability is fixed in version 9.1.1...
google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization
PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps. Without the use of PKCE, the authorization code returned by an authorization server is not enough to guarantee that the client that issued the initial authorization request is the one that will be authorized...
Code Injection
pkg is vulnerable toCode Injection. The vulnerability is due to the use of a hardcoded directory /tmp/pkg/ for native code packages, which is shared among all users on the same local system without unique or unpredictable package names, enabling attackers to replace genuine executables with...
CVE-2024-24828
pkg is tool design to bundle Node.js projects into an executables. Any native code packages built by pkg are written to a hardcoded directory. On unix systems, this is /tmp/pkg/ which is a shared directory for all users on the same local system. There is no uniqueness to the package names within...