Denial of Service (DoS)
Overview: Affected versions of this package are vulnerable to Denial of Service (DoS) via the yajl_tree_parse function. Details: Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users. Unlike other vulnerabilities, DoS attacks...
CVE-2023-0976
A command injection vulnerability in TA for macOS prior to version 5.7.9 allows local users to place an arbitrary file into the /Library/Trellix/Agent/bin/ folder. The malicious file is executed by running the TA deployment feature located in the System Tree...
Command injection
A command injection vulnerability in TA for macOS prior to version 5.7.9 allows local users to place an arbitrary file into the /Library/Trellix/Agent/bin/ folder. The malicious file is executed by running the TA deployment feature located in the System Tree...
CVE-2023-0976
CVE-2023-0976 describes a local command-injection in Trellix Agent (TA) for macOS prior to version 5.7.9. The flaw lets a local attacker place an arbitrary file into the /Library/Trellix/Agent/bin/ directory, with the file being executed via the TA deployment feature in the System Tree. The vulne...
PT-2023-16658 · Trellix · Ta
Name of the Vulnerable Software and Affected Versions: TA for macOS versions prior to 5.7.9. Description: A command injection issue allows local users to place an arbitrary file into the /Library/Trellix/Agent/bin/ folder. The malicious file is executed by running the TA deployment feature locate...
DEBIAN-CVE-2023-33460
There's a memory leak in yajl 2.1.0 with use of the yajl_tree_parse function, which will cause out-of-memory in server and cause crash...
CVE-2023-33460
There's a memory leak in yajl 2.1.0 with use of the yajl_tree_parse function, which will cause out-of-memory in server and cause crash...
AZL-35363 CVE-2023-33460 affecting package yajl for versions less than 2.1.0-19
There's a memory leak in yajl 2.1.0 with use of the yajl_tree_parse function, which will cause out-of-memory in server and cause crash...
ALPINE-CVE-2023-33460
There's a memory leak in yajl 2.1.0 with use of the yajl_tree_parse function, which will cause out-of-memory in server and cause crash...
UBUNTU-CVE-2023-33460
There's a memory leak in yajl 2.1.0 with use of the yajl_tree_parse function, which will cause out-of-memory in server and cause crash...
WordPress Tree Page View 1.6.7 Cross Site Scripting
Exploit Title: Tree Page View Plugin 1.6.7 - Cross Site Scripting (XSS); Google Dork: inurl:/wp-content/plugins/cms-tree-page-view/; Date: 2023-04-24; Exploit Author: LEE SE HYOUNG hackintoanetwork; Vendor Homepage: https://wordpress.org/plugins/cms-tree-page-view/; Software Link:...
YAJL Security Vulnerability
YAJL is a fast streaming JSON parsing library from the individual developer Lloyd Hilaiel. A security vulnerability exists in YAJL version 2.1.0, which stems from a memory leak using the yajl_tree_parse function...
git: by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents
A vulnerability was found in Git. This security flaw occurs when feeding specially crafted input to git apply --reject; a path outside the working tree can be overwritten with partially controlled contents corresponding to the rejected hunks from the given patch...
Important: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
Important: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: netfilter: use-after-free in nftables when processing batch requests can lead to privilege escalation (CVE-2023-32233). For more...
CVE-2023-24601
OX App Suite before frontend 7.10.6-rev24 allows XSS via a non-app deeplink such as the jslob API's registry sub-tree...
Cross site scripting
OX App Suite before frontend 7.10.6-rev24 allows XSS via a non-app deeplink such as the jslob API's registry sub-tree...