7 matches found
Use After Free
Overview msgpack is an efficient binary serialization format. Affected versions of this package are vulnerable to Use After Free in the unpacker' when it is reused after an error has occurred. An attacker can cause a crash or denial of service by repeatedly triggering errors and reusing the same...
Improper Certificate Validation
Overview Affected versions of this package are vulnerable to Improper Certificate Validation via the SignedPublicKeysTrustValidatorImpl.isTrusted function. An attacker can bypass signature verification and gain unauthorized access by providing any structurally valid ECDSA signature, as the boolea...
Improper Certificate Validation
Overview Affected versions of this package are vulnerable to Improper Certificate Validation via improper validation in the certificate renewal process. An attacker can gain unauthorized access to other managed clusters by forging a client certificate that is accepted by the controller. Remediati...
CVE-2025-1644
A vulnerability classified as problematic has been found in Benner ModernaNet up to 1.2.0. Affected is an unknown function of the file /DadosPessoais/SGGravar. The manipulation of the argument idItAg leads to cross-site request forgery. It is possible to launch the attack remotely. Upgrading to...
Out-of-Bounds
Overview Microsoft.ChakraCore is a core part of the Chakra Javascript engine that powers Microsoft Edge Affected versions of this package are vulnerable to Out-of-Bounds via the Chakra JavaScript engine in Microsoft Edge. An attacker can execute arbitrary code or cause a denial of service memory...
Out-of-Bounds
Overview Microsoft.ChakraCore is a core part of the Chakra Javascript engine that powers Microsoft Edge Affected versions of this package are vulnerable to Out-of-Bounds via the Chakra JavaScript engine. An attacker can execute arbitrary code or cause a denial of service memory corruption by...
Out-of-Bounds
Overview Microsoft.ChakraCore is a core part of the Chakra Javascript engine that powers Microsoft Edge Affected versions of this package are vulnerable to Out-of-Bounds via the Chakra JavaScript engine in Microsoft Edge. An attacker can execute arbitrary code or cause a denial of service memory...