8 matches found
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the restore process when handling a crafted backup archive containing a valid backup/index.yaml and a malformed legacy backup.yaml file that omits the container section. An attacker can cause the daemon to...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the CreateCustomVolumeFromBackup process. An attacker can cause the daemon to crash by importing a crafted backup archive containing a null entry in the volumesnapshots array, which leads to a nil-pointer...
Allocation of Resources Without Limits or Throttling
Overview Scriban.Signed is a fast, powerful, safe and lightweight scripting language and engine for .NET, which was primarily developed for text templating with a compatibility mode for parsing liquid templates. Affected versions of this package are vulnerable to Allocation of Resources Without...
Sensitive Information in Resource Not Removed Before Reuse
Overview Scriban is a Scriban is a fast, powerful, safe and lightweight scripting language and engine for .NET, which was primarily developed for text templating with a compatibility mode for parsing liquid templates. Today, not only Scriban can be used in text templating scenarios, but also can ...
Uncontrolled Recursion
Overview Scriban is a Scriban is a fast, powerful, safe and lightweight scripting language and engine for .NET, which was primarily developed for text templating with a compatibility mode for parsing liquid templates. Today, not only Scriban can be used in text templating scenarios, but also can ...
PT-2024-15220 · Snow · Snow Inventory Agent
Name of the Vulnerable Software and Affected Versions: Snow Inventory Agent versions through 6.14.5 Description: The issue is related to an Authentication Bypass by Spoofing vulnerability, allowing Signature Spoof. This vulnerability does not have any reported real-world incidents or estimated...
PT-2023-5359 · Openemr · Openemr
Name of the Vulnerable Software and Affected Versions: OpenEMR versions prior to 7.0.1 Description: The issue is related to improper access control in the OpenEMR software, which can be exploited by a remote attacker to view, modify, and delete protected information. Recommendations: For versions...
PT-2021-18204 · Gradle +2 · Gradle +2
Name of the Vulnerable Software and Affected Versions: Gradle versions prior to 7.0 Description: The issue affects Gradle builds on Unix-like systems, where the system temporary directory can be created with open permissions, allowing multiple users to create and delete files within it. This can...