CVE-2021-4278
A vulnerability classified as problematic has been found in cronvel tree-kit up to 0.6.x. This affects an unknown part. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. Upgrading to version 0.7.0 is able to address this issue. The...
Design/Logic Flaw
A vulnerability classified as problematic has been found in cronvel tree-kit up to 0.6.x. This affects an unknown part. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. Upgrading to version 0.7.0 is able to address this issue. The...
CVE-2021-4278 cronvel tree-kit prototype pollution
A vulnerability classified as problematic has been found in cronvel tree-kit up to 0.6.x. This affects an unknown part. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. Upgrading to version 0.7.0 is able to address this issue. The...
CVE-2021-4278
The CVE-2021-4278 entry concerns cronvel tree-kit versions up to 0.6.x and describes a prototype pollution issue resulting from improper checks that allow manipulation of object prototype attributes. The root cause is an undefined part of the codebase, with the recommended remediation being an up...
Tree Kit Security Vulnerability
Tree Kit is a toolkit from individual developer Cedric Ronvel that provides functions for working with nested object structures. A security vulnerability exists in Tree Kit versions prior to 0.7.0, which stems from a vulnerability that can lead to improperly controlled modification of an object'...
PT-2022-11686 · Unknown · Cronvel Tree-Kit
Name of the Vulnerable Software and Affected Versions: cronvel tree-kit versions up to 0.6.x Description: A problematic vulnerability has been found, affecting an unknown part of the software. The issue leads to improperly controlled modification of object prototype attributes, also known as...
AZL-12093 CVE-2022-47938 affecting package kernel for versions less than 5.15.86.1-1
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2misc.c has an out-of-bounds read and OOPS for SMB2_TREE_CONNECT...
AZL-12094 CVE-2022-47939 affecting package kernel for versions less than 5.15.86.1-1
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c has a use-after-free and OOPS for SMB2_TREE_DISCONNECT...
DEBIAN-CVE-2022-47939
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c has a use-after-free and OOPS for SMB2_TREE_DISCONNECT...
DEBIAN-CVE-2022-47938
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2misc.c has an out-of-bounds read and OOPS for SMB2_TREE_CONNECT...
UBUNTU-CVE-2022-47939
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c has a use-after-free and OOPS for SMB2_TREE_DISCONNECT...
UBUNTU-CVE-2022-47938
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2misc.c has an out-of-bounds read and OOPS for SMB2_TREE_CONNECT...
Linux kernel Buffer Error Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from fs/ksmbd/smb2misc.c having an out-of-bounds read and an OOPS for SMB2_TREE_CONNECT...
Groupbuy: Construction of merkle tree allows some unintended IDs to be bought
Lines of code Vulnerability details Impact In GroupBuy.purchase, when no proof is provided, it is required that the provided token ID is equal to the stored merkleRoot: if purchaseProof.length == 0 // Hashes tokenId to verify merkle root if proof is empty if bytes32tokenId != merkleRoot revert...
PT-2024-11817 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: The issue is related to the Universal Disk Format (UDF) in the Linux kernel, where a problem with preallocation discarding at indirect extent boundaries could lead to corruption of the...
GSD-2022-1007980 btrfs: fix tree mod log mishandling of reallocated nodes
btrfs: fix tree mod log mishandling of reallocated nodes This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.78 by commit...
GSD-2022-1007831 btrfs: fix tree mod log mishandling of reallocated nodes
btrfs: fix tree mod log mishandling of reallocated nodes This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.8 by commit...
PT-2025-49618
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.0.0-next-20221007-dirty 349 Description: A flaw exists in the Linux kernel related to the handling of boot loader inodes. Specifically, a bug in the es tree search function within the ext4 filesystem can occur...
Malicious code in tcm-one-tree (npm)
Source: ghsa-malware 4b7f900ef8f753774bd695128ad350ff16b9f03c8c4d53ffea0f43dc61ae4c09 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...