128 matches found
DEBIAN-CVE-2021-47334
In the Linux kernel, the following vulnerability has been resolved: misc/libmasm/module: Fix two use after free in ibmasm_init_one. In ibmasm_init_one, it calls ibmasm_init_remote_input_dev. Inside ibmasm_init_remote_input_dev, mouse_dev and keybd_dev are allocated by input_allocate_device, and assigned to...
UBUNTU-CVE-2021-47334
In the Linux kernel, the following vulnerability has been resolved: misc/libmasm/module: Fix two use after free in ibmasm_init_one. In ibmasm_init_one, it calls ibmasm_init_remote_input_dev. Inside ibmasm_init_remote_input_dev, mouse_dev and keybd_dev are allocated by input_allocate_device, and assigned to...
yajl: Memory leak in yajl_tree_parse function
A flaw was found in the yajl library, which exists due to a memory leak within the yajl_tree_parse function. This flaw allows a remote attacker to parse malicious JSON input to cause out-of-memory in the server, causing a crash, resulting in a denial of service attack...
Tenda W15E security vulnerability
W15E is a wireless router from Shenzhen Jixiang Tengda Technology Co. Ltd. W15E version 15.11.0.14 has a buffer overflow vulnerability, which stems from the formSetRemoteWebManage method of the /goform/SetRemoteWebManage file: the remoteIP parameter fails to correctly validate the length o...
webkitgtk: Visiting a malicious website may lead to address bar spoofing.
A vulnerability was found in WebKitGTK. This flaw occurs due to an issue in the component URL Handler, which allows a remote attacker to manipulate an unknown input that can lead to clickjacking...
webkitgtk: Visiting a malicious website may lead to address bar spoofing.
A vulnerability was found in WebKitGTK. This flaw occurs due to an issue in the component URL Handler, which allows a remote attacker to manipulate an unknown input that can lead to clickjacking...
The vulnerability of the IBM DB2 database management system and the IBM DB2 Connect Server automatic redirection server, related to errors in processing input data, allows a perpetrator to cause service interruptions.
The vulnerability of the IBM DB2 database management system and the IBM DB2 Connect Server automatic redirection server is related to errors in processing input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
The vulnerability of the Microsoft Message Queuing (MSMQ) queue service on Windows operating systems allows an attacker to cause a service failure.
The vulnerability of the Microsoft Message Queuing (MSMQ) service on Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures remotely...
SUSE CVE-2006-1014
Argument injection vulnerability in certain PHP 4.x and 5.x applications, when used with sendmail and when accepting remote input for the additional_parameters argument to the mb_send_mail function, allows context-dependent attackers to read and create arbitrary files by providing extra -C and -X...
SUSE CVE-2009-2625
XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as...
GO-2022-1188 Uncontrolled memory allocation in code.sajari.com/docconv
An attacker can remotely supply a specially crafted input that causes uncontrolled memory allocation...
DEBIAN-CVE-2022-40898
An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli...
UBUNTU-CVE-2022-40898
An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli...
CVE-2022-40898
An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli...
httpd: Out-of-bounds write in ap_escape_quotes() via malicious input
An out-of-bounds write in function ap_escape_quotes of httpd allows an unauthenticated remote attacker to crash the server or potentially execute code on the system with the privileges of the httpd user, by providing malicious input to the function...
WithSecure products cross-site scripting vulnerability
WithSecure products is a series of security software from the Finnish company WithSecure. A security vulnerability exists in WithSecure versions 2022-08-10 and earlier, which stems from the presence of reflected cross-site scripting with unvalidated parameters in an endpoint, allowing a remote...
CVE-2022-30083
EllieGrid Android Application version 3.4.1 is vulnerable to Code Injection. The application appears to evaluate user input as code remote...
PT-2022-18865 · Hikvision · Hikvision Hybrid San/Cluster Storage
Name of the Vulnerable Software and Affected Versions: Hikvision Hybrid SAN/Cluster Storage products (affected versions not specified). Description: The issue is related to insufficient input validation in the web module of certain Hikvision Hybrid SAN/Cluster Storage products. This allows an attack...
CVE-2021-40095
An issue was discovered in SquaredUp for SCOM 5.2.1.6654. The Download Log feature in System / Maintenance was susceptible to a local file inclusion vulnerability when processing remote input in the log files downloaded by an authenticated administrator user, leading to the ability to read...
Design/Logic Flaw
An issue was discovered in SquaredUp for SCOM 5.2.1.6654. The Download Log feature in System / Maintenance was susceptible to a local file inclusion vulnerability when processing remote input in the log files downloaded by an authenticated administrator user, leading to the ability to read...