5843 matches found
CVE-2022-38216
An integer overflow exists in Mapbox's closed source gl-native library prior to version 10.6.1, which is bundled with multiple Mapbox products including open source libraries. The overflow is caused by large image height and width values when creating a new Image and allows for out of bounds...
CVE-2022-38216
Summary: CVE-2022-38216 reports an integer overflow in Mapbox’s closed‑source gl-native library prior to v10.6.1, bundled with multiple Mapbox products. The overflow is triggered by large image height/width values when creating a new Image and can cause out‑of‑bounds writes, potentially crashing ...
Detect Threats with Runtime Security
With the increasing use of multi-cloud infrastructure services security has become more complex. You need simplified security for your cloud-native applications with advanced container image scanning, policy-based admission control, and container runtime protection...
Mapbox 输入验证错误漏洞
Mapbox is a location data platform for mobile and Web applications from Mapbox, Inc. A buffer overflow vulnerability exists in versions prior to Mapbox gl-native 10.6.1, which stems from excessive image height and width values when creating new images, and can be exploited to cause Mapbox process...
Malicious Package
Overview stripe-identity-react-native is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if...
Microsoft Exchange Server Elevation of Privilege Vulnerability
Microsoft Exchange Server is a set of email service programs from Microsoft Corporation USA. It provides mail access, storage, forwarding, voice mail, mail filtering, etc. An elevation of privilege vulnerability exists in Microsoft Exchange Server. The vulnerability stems from an incorrect progra...
Microsoft Exchange Server 安全漏洞
Microsoft Exchange Server is a set of email service programs from Microsoft Corporation USA. It provides mail access, storage, forwarding, voice mail, mail filtering, etc. An elevation of privilege vulnerability exists in Microsoft Exchange Server. The vulnerability stems from an incorrect progra...
Research Shows the Annual Cost of API Security-related Breaches is Mind-blowing
Application Programming Interfaces APIs have emerged as useful tools that streamline business operations and enhance the digital experience for customers. As their use has become more widespread, they are a much more prominent part of the cyber threat landscape. API-related hacks and data breache...
IBM CICS TX Advanced Input Validation Error Vulnerability
IBM CICS TX Advanced is a comprehensive, single transaction runtime package from IBM USA. It can provide a cloud-native deployment model for standalone applications. IBM CICS TX Advanced version 11.1 contains an input validation error vulnerability that stems from improper input validation of the...
Google Android elevation of privilege vulnerability (CNVD-2022-65631)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability. The vulnerability stems from incorrect programmatic calls to high-level native procedures. An attacker can exploit this vulnerability to cause an elevatio...
Google Android elevation of privilege vulnerability (CNVD-2022-65642)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability. The vulnerability stems from incorrect programmatic calls to high-level native procedures. An attacker can exploit this vulnerability to cause an elevatio...
Google Android elevation of privilege vulnerability (CNVD-2022-65634)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability. The vulnerability stems from incorrect programmatic calls to high-level native procedures. An attacker can exploit this vulnerability to gain elevated...
Google Android elevation of privilege vulnerability (CNVD-2022-65633)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability. The vulnerability stems from an incorrect programmatic call to an advanced native procedure. An attacker can exploit this vulnerability to execute arbitra...
Google Android elevation of privilege vulnerability (CNVD-2022-65636)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability. The vulnerability stems from incorrect programmatic calls to high-level native procedures. An attacker can exploit this vulnerability to cause an elevatio...
Google Android elevation of privilege vulnerability (CNVD-2022-65641)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability. The vulnerability stems from incorrect programmatic calls to high-level native procedures. An attacker can exploit this vulnerability to gain elevated...
Google Android elevation of privilege vulnerability (CNVD-2022-65640)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability. The vulnerability stems from incorrect programmatic calls to high-level native procedures. An attacker can exploit this vulnerability to gain elevated...
Google Android elevation of privilege vulnerability (CNVD-2022-65639)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability. The vulnerability stems from incorrect programmatic calls to high-level native procedures. An attacker can exploit this vulnerability to elevate privilege...
IBM CICS TX Advanced Clickjacking Vulnerability
IBM CICS TX Advanced is a comprehensive, single transaction runtime package from IBM USA. It can provide a cloud-native deployment model for standalone applications. IBM CICS TX Advanced version 11.1 is vulnerable to a clickjacking vulnerability that stems from the program's failure to adequately...
Malicious DepositBase may stole dust fund from ReceiverImplementation
Lines of code Vulnerability details Impact Malicious DepositBase may stole dust fund from ReceiverImplementation Proof of Concept // @dev This function is used for delegate by DepositReceiver deployed above // Context: msg.sender == AxelarDepositService, this == DepositReceiver function...
WithSecure Endpoint Protection 安全漏洞
WithSecure Endpoint Protection is a cloud-native, AI-powered endpoint protection from Finland's WithSecure. It can be deployed instantly from a browser and easily managed from a single console. A security vulnerability exists in WithSecure Endpoint Protection. No information about this...