2158 matches found
Mozilla Firefox Security Advisory (MFSA2013-14) - Linux
This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
tpm2-tools: fixed AES wrapping key in tpm2_import
A flaw was found in tpm2-tools. tpm2import used a fixed AES key for the inner wrapper, potentially allowing a MITM attacker to unwrap the inner portion and reveal the key being imported. The highest threat from this vulnerability is to data confidentiality...
Vulnerability in packageCmd function leads to arbitrary code execution via filePath parameters
aaptjs is a node wraper for aapt. An issue was discovered in the packageCmd function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters...
Vulnerability in singleCrunch function leads to arbitrary code execution via filePath parameters
aaptjs is a node wraper for aapt. An issue was discovered in the singleCrunch function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters...
Vulnerability in crunch function leads to arbitrary code execution via filePath parameters
aaptjs is a node wraper for aapt. An issue was discovered in the crunch function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters...
aaptjs remote code execution vulnerability (CNVD-2021-84826)
aaptjs is a node wrapper for aapt. aaptjs version 1.3.1 has a remote code execution vulnerability in the list function. An attacker can exploit this vulnerability to execute arbitrary code via the filePath parameter...
aaptjs remote code execution vulnerability (CNVD-2021-84829)
aaptjs is a node wrapper for aapt. aaptjs version 1.3.1 has a remote code execution vulnerability in the remove function. An attacker can exploit this vulnerability to execute arbitrary code via the filePath parameter...
aaptjs remote code execution vulnerability
aaptjs is a node wrapper for aapt. aaptjs version 1.3.1 has a remote code execution vulnerability in the add function. An attacker can exploit this vulnerability to execute arbitrary code via the filePath parameter...
aaptjs remote code execution vulnerability (CNVD-2021-84828)
aaptjs is a node wrapper for aapt. aaptjs version 1.3.1 has a remote code execution vulnerability in the dump function. An attacker can exploit this vulnerability to execute arbitrary code via the filePath parameter...
aaptjs remote code execution vulnerability (CNVD-2021-84831)
aaptjs is a node wrapper for aapt. aaptjs version 1.3.1 has a remote code execution vulnerability in the crunch function. An attacker can exploit this vulnerability to execute arbitrary code via the filePath parameter...
Shenzhim Aaptjs 操作系统命令注入漏洞
aaptjs is a node wrapper for aapt. aaptjs version 1.3.1 has a remote code execution vulnerability in the packageCmd function. An attacker can exploit this vulnerability to execute arbitrary code via the filePath parameter...
Unhandled return values of transfer
Handle WatchPug Vulnerability details ERC20 implementations are not always consistent. Some implementations of transfer could return ‘false’ on failure instead of reverting. It is safer to wrap such calls into require statements to these failures. Unsafe transfer calls were found in the following...
Fedora: Security Advisory for gfbgraph (FEDORA-2021-9c737bb848)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for gfbgraph (FEDORA-2021-7cccd2784c)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 34 Update: gfbgraph-0.2.4-1.fc34
GLib/GObject wrapper for the Facebook Graph API that integrates with GNOME Online Accounts...
Exploit for Code Injection in Pivotal_Software Spring_Data_Commons
Based on the provided code and metadata, here is a description of the repository and its contents: Repository: This repository appears to be a Maven wrapper for the Apache Maven project, specifically version 3.5.3. The repository contains metadata and configuration files for the Maven wrapper,...
Compilation database: An alternative way to configure your C or C++ analysis
Analyzing C or C++ code requires - in addition to the source code - the configuration that is used to build the code. At SonarSource, we have provided a tool to automate the extraction of this information, the build wrapper. This tool has been used successfully with many projects, yet there are...
CVE-2021-36766
Concrete5 through 8.5.5 deserializes Untrusted Data. The vulnerable code is located within the controllers/singlepage/dashboard/system/environment/logging.php Logging::updatelogging method. User input passed through the logFile request parameter is not properly sanitized before being used in a ca...
Usage of deprecated ChainLink API in GasOracle
Handle cmichel Vulnerability details The Chainlink API latestAnswer used in the GasOracle oracle wrappers is deprecated: This API is deprecated. Please see API Reference for the latest Price Feed API. Chainlink Docs Impact It seems like the old API can return stale data. Checks similar to that of...
Lack of return value check or use of SafeERC20 wrappers for token transfers
Handle 0xRajeev Vulnerability details Impact ERC20 tokens are specified to return a boolean value on token transfer and transferFrom. However, tokens may not adhere to the spec and return no value for success/failure. Checking the return values of ERC20 token transfers is therefore important to...