868 matches found

CNNVD
added 2022/07/22 12:0 a.m. · 6 views

TZInfo Security Vulnerability

TZInfo is a Ruby timezone library. A security vulnerability exists in TZInfo that stems from its susceptibility to relative path traversal causing TZInfo::Timezone.get to load arbitrary files. The following versions are affected: 0.3.60 and earlier, 1.0.0 through 1.2.9 only when used with the Rub...

8.1 CVSS · 7.1 AI score · 0.01777 EPSS
Exploits: 1 · References: 16
Positive Technologies
added 2022/07/21 12:0 a.m. · 3 views

PT-2022-20578 · Tzinfo +3 · Tzinfo +3

Name of the Vulnerable Software and Affected Versions: TZInfo versions prior to 0.3.61; TZInfo versions 1.0.0 to 1.2.9 when used with the Ruby data source; TZInfo version 0.3.60 and earlier. Description: The issue is related to relative path traversal in the TZInfo Ruby library, which provides acces...

8.1 CVSS · 6.6 AI score · 0.01777 EPSS
Exploits: 1 · References: 39
RubySec
added 2022/07/21 12:0 a.m. · 29 views

TZInfo relative path traversal vulnerability allows loading of arbitrary files

Impact: Affected versions: 0.3.60 and earlier; 1.0.0 to 1.2.9 when used with the Ruby data source (tzinfo-data). Vulnerability: With the Ruby data source (the tzinfo-data gem for tzinfo version 1.0.0 and later and built-in to earlier versions), time zones are defined in Ruby files. There is one file...

8.1 CVSS · 1.6 AI score · 0.01777 EPSS
Exploits: 1 · References: 1 · Affected Software: 1
Rockylinux
added 2022/06/28 8:46 a.m. · 11 views

gnome-initial-setup bug fix and enhancement update

An update is available for gnome-initial-setup. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The gnome-initial-setup packages provide the Initial Setup...

1.5 AI score
Exploits: 0
Rockylinux
added 2022/06/28 8:43 a.m. · 11 views

gnome-initial-setup bug fix and enhancement update

An update is available for gnome-initial-setup. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The gnome-initial-setup packages provide the Initial Setup...

1.5 AI score
Exploits: 0
Rockylinux
added 2022/06/28 8:39 a.m. · 8 views

gnome-control-center bug fix and enhancement update

An update is available for gnome-control-center. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The gnome-control-center package contains configuration utilitie...

0.9 AI score
Exploits: 0
Rockylinux
added 2022/06/28 6:40 a.m. · 16 views

gnome-control-center bug fix and enhancement update

An update is available for gnome-control-center. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The gnome-control-center package contains configuration utilitie...

0.9 AI score
Exploits: 0
Debian
added 2022/06/21 12:29 p.m. · 38 views

[SECURITY] [DLA 3051-1] tzdata new timezone database

Debian LTS Advisory DLA-3051-1 · https://www.debian.org/lts/security/ · Emilio Pozuelo Monfort · June 15, 2022 · https://wiki.debian.org/LTS ...

6.8 AI score
Exploits: 0
OSV
added 2022/06/15 12:0 a.m. · 29 views

DLA-3051-1 tzdata - new timezone database

Bulletin has no description...

7.2 AI score
Exploits: 0
CNVD
added 2022/05/09 12:0 a.m. · 12 views

Tenda AX1806 Stack Overflow Vulnerability (CNVD-2022-38065)

Tenda AX1806 is a WiFi6 wireless router from Tenda China. A security vulnerability exists in the Tenda AX1806 version 1.0.0.1, which originates from a stack overflow discovered via the timeZone parameter in the form_fast_setting_wifi_set function. An attacker can cause a denial of service (DoS) by...

7.8 CVSS · 7.2 AI score · 0.011 EPSS
Exploits: 1 · References: 1
ATTACKERKB
added 2022/05/06 2:15 p.m. · 5 views

CVE-2022-28972

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the timeZone parameter in the function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS)...

7.8 CVSS · 7.1 AI score · 0.011 EPSS
Exploits: 1 · References: 2
OSV
added 2022/05/06 2:15 p.m. · 1 views

CVE-2022-28972

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the timeZone parameter in the function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS)...

7.5 CVSS · 7.2 AI score · 0.011 EPSS
Exploits: 1 · References: 1
NVD
added 2022/05/06 2:15 p.m. · 16 views

CVE-2022-28972

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the timeZone parameter in the function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS)...

7.8 CVSS · 0.011 EPSS
Exploits: 1 · References: 1
Prion
added 2022/05/06 2:15 p.m. · 14 views

Stack overflow

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the timeZone parameter in the function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS)...

7.8 CVSS · 7.6 AI score · 0.011 EPSS
Exploits: 1 · References: 1 · Affected Software: 1
Cvelist
added 2022/05/06 1:8 p.m. · 21 views

CVE-2022-28972

Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the timeZone parameter in the function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS)...

7.8 AI score · 0.011 EPSS
Exploits: 1 · References: 1
CVE
added 2022/05/06 1:8 p.m. · 65 views

CVE-2022-28972

CVE-2022-28972 affects Tenda AX1806 v1.0.0.1. A stack overflow is triggered via the timeZone parameter in the function form_fast_setting_wifi_set, leading to a Denial of Service (DoS). CVSS:3.1 base score 7.5 (Network, Low attack complexity, No privileges, No user interaction). Other sources also...

7.8 CVSS · 7.5 AI score · 0.011 EPSS
Exploits: 1 · References: 1 · Affected Software: 1
CNNVD
added 2022/05/06 12:0 a.m. · 1 views

Tenda AX1806 Buffer Error Vulnerability

Tenda AX1806 is a WiFi6 wireless router from Tenda China. A security vulnerability exists in the Tenda AX1806 version 1.0.0.1, which originates from a stack overflow discovered via the timeZone parameter in the form_fast_setting_wifi_set function. An attacker can cause a denial of service (DoS) by...

7.8 CVSS · 7.5 AI score · 0.011 EPSS
Exploits: 1 · References: 2
Openbugbounty
added 2022/05/04 10:4 a.m. · 14 views

svaiza.com Cross Site Scripting vulnerability OBB-2598767

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2 AI score
Exploits: 0
ATTACKERKB
added 2022/05/02 2:15 p.m. · 2 views

CVE-2022-28573

D-Link DIR-823-Pro v1.0.2 was discovered to contain a command injection vulnerability in the function SetNTPserverSeting. This vulnerability allows attackers to execute arbitrary commands via the systemtimetimezone parameter...

10 CVSS · 7.5 AI score · 0.27462 EPSS
Exploits: 1 · References: 3
CNNVD
added 2022/05/02 12:0 a.m. · 3 views

D-Link DIR-823-Pro Operating System Command Injection Vulnerability

The D-Link DIR-823-Pro is a router from China-based AUO D-Link. The D-Link DIR-823-Pro version 1.0.2 suffers from an operating system command injection vulnerability that originates from the inclusion of a command injection vulnerability in the function SetNTPserverSeting. An attacker could explo...

10 CVSS · 8.8 AI score · 0.27462 EPSS
Exploits: 1 · References: 3