227 matches found
Xen 安全漏洞
Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. There is a security vulnerability in xen tha...
Xen 数字错误漏洞
Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. A numeric error vulnerability exists in xen,...
Istio Licensing Issue Vulnerability (CNVD-2022-08360)
Istio is an open platform for connecting, managing, and securing microservices. Istio is vulnerable to an authorization issue in versions 1.12.0 and 1.12.1, which stems from a lack of authentication measures or insufficient authentication strength in a networked system or product. An attacker cou...
An unspecified vulnerability exists in vim (CNVD-2022-20699)
Vim is an editor based on the UNIX platform. vim suffers from a security vulnerability that stems from a networked system or product that does not properly validate data boundaries when performing operations on memory, resulting in an incorrect read or write operation being performed to an...
Atlassian Jira Access Control Error Vulnerability (CNVD-2022-05435)
Atlassian Jira is a defect tracking management system from Atlassian Australia. Atlassian Jira Center is vulnerable to an access control error that occurs when a networked system or product does not properly restrict access to resources from unauthorized roles, which can be exploited by an...
Pillow input validation error vulnerability
Pillow is a Python-based image processing library. Pillow is vulnerable to an input validation error prior to 9.0.0, which stems from a networked system or product that does not properly validate input data. An attacker could exploit this vulnerability to execute arbitrary expressions using the...
radare2 buffer overflow vulnerability (CNVD-2022-03956)
radare2 is a set of libraries and tools for working with binary files. radare2 suffers from a buffer error vulnerability, which stems from a networked system or product that does not properly validate data boundaries when performing operations on memory, resulting in an incorrect read or write...
radare2 缓冲区错误漏洞
radare2 is a set of libraries and tools for working with binary files. radare2 suffers from a buffer error vulnerability, which stems from a networked system or product that does not properly validate data boundaries when performing operations on memory, resulting in an incorrect read or write...
GPAC Code Issue Vulnerability (CNVD-2022-04820)
GPAC is an open source multimedia framework. GPAC 1.0.1 contains a security vulnerability that stems from improper design or implementation during the development of code for a networked system or product, which could be exploited by an attacker to conduct a denial-of-service attack...
Atlassian Jira Remote Code Execution Vulnerability
Atlassian Jira is a defect tracking management system from Atlassian Australia. Atlassian Jira is vulnerable to a remote code execution vulnerability that originates when a networked system or product does not properly validate incoming data. An attacker could use this vulnerability to execute...
vim out-of-bounds read vulnerability
Vim is an editor based on the UNIX platform. An out-of-bounds read vulnerability exists in Vim, which stems from a networked system or product that does not properly validate data boundaries when performing operations on memory, resulting in incorrect read and write operations being performed to...
GPAC Denial of Service Vulnerability (CNVD-2022-03211)
GPAC is an open source multimedia framework. GPAC 1.0.1 contains a security vulnerability that stems from improper design or implementation during the development of code for a networked system or product, which could be exploited by an attacker to conduct a denial-of-service attack...
Apache James path traversal vulnerability
Apache James is an open source Smtp and Pop3 mail transfer agent and Nntp news server written entirely in Java by the Apache Foundation. Apache James in version 3.6.1 contains a path traversal vulnerability that stems from a failure of a networked system or product to properly filter special...
Spinnaker Path Traversal Vulnerability
Spinnaker is a continuous delivery platform. Used to release software changes with high speed and confidence. Spinnaker suffers from a path traversal vulnerability that arises from a networked system or product that fails to properly filter for specific elements in a resource or file path. An...
Adobe Audition Buffer Overflow Vulnerability (CNVD-2021-102794)
Adobe Audition is a set of multi-track editing tools from Adobe. Adobe Audition suffers from a buffer overflow vulnerability that originates when a networked system or product does not properly validate data boundaries when performing operations in memory, resulting in incorrect read and write...
Teeworlds buffer overflow vulnerability
Teeworlds is an online multiplayer shooter game. Teeworlds suffers from a buffer overflow vulnerability that originates when a networked system or product performs an operation on memory that does not properly validate data boundaries, resulting in an incorrect read or write operation being...
KNIME directory traversal vulnerability
A directory traversal vulnerability exists in Knime, the Swiss company's enterprise software for putting data science workflows into production. knime stems from a failure of a networked system or product to properly filter special elements in a resource or file path, which could be exploited by ...
Moddable SDK Stack Overflow Vulnerability (CNVD-2021-90311)
Moddable SDK is a software development kit SDK for IoT embedded software development from Moddable U.S. A security vulnerability exists in the Moddable SDK, which stems from a networked system or product that does not properly validate data boundaries when performing operations on memory, resulti...
Moddable SDK buffer over-read vulnerability
Moddable SDK is a software development kit SDK for IoT embedded software development from Moddable U.S. A security vulnerability exists in the Moddable SDK, which stems from a networked system or product that does not properly validate data boundaries when performing operations on memory, resulti...
Moddable SDK Heap Buffer Overflow Vulnerability (CNVD-2021-90313)
The Moddable SDK is a combination of development tools and runtime software used to create applications for microcontrollers. a security vulnerability exists in the Moddable SDK, which stems from a networked system or product that does not properly validate data boundaries when performing...