1390 matches found
steal vulnerable to Prototype Pollution via alias variable
Prototype pollution vulnerability in stealjs steal via the alias variable in babel.js...
PT-2022-25266 · Hashicorp +1 · Hashicorp Vault +2
Name of the Vulnerable Software and Affected Versions: HashiCorp Vault versions prior to 1.11.3; HashiCorp Vault Enterprise versions prior to 1.11.3. Description: A vulnerability in the Identity Engine of HashiCorp Vault was found where, in a deployment with an entity having multiple mount accessor...
CVE-2022-37265
Prototype pollution vulnerability in stealjs steal 2.2.4 via the alias variable in babel.js...
steal security vulnerability
steal is an open source, extensible, general-purpose module loader from StealJS. It can load JavaScript modules defined in ES6, AMD and CommonJS formats. A security vulnerability exists in steal version 2.2.4, which stems from prototype pollution via the alias variable in babel.js...
The vulnerability of the kbase_mem_alias function (mali_kbase_mem_linux.c) in the Android operating system’s kernel allows a hacker to increase their privileges and execute arbitrary code.
The vulnerability of the kbase_mem_alias function (mali_kbase_mem_linux.c) in the Android operating system kernel is related to insufficient input data validation. Exploiting this vulnerability can allow attackers to escalate their privileges and execute arbitrary code...
A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak content from files owned by privileged users to unprivileged ones under the right condition.
...
CVE-2022-0336
The Samba AD DC includes checks when adding service principal names (SPNs) to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as...
DEBIAN-CVE-2021-3800
A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak content from files owned by privileged users to unprivileged ones under the right condition...
CLSA-2022-1660761670 Fixed CVEs in exim: CVE-2022-37451, CVE-2022-37452
CVE-2022-37452: fix heap-based buffer overflow for the alias list in host_name_lookup - CVE-2022-37451: fix invalid free in pam_converse...
CLSA-2022-1660759272 Fixed CVEs in exim: CVE-2022-37451, CVE-2022-37452
CVE-2022-37452: fix heap-based buffer overflow for the alias list in host_name_lookup - CVE-2022-37451: fix invalid free in pam_converse...
CVE-2022-35980
OpenSearch Security is a plugin for OpenSearch that offers encryption, authentication and authorization. Versions 2.0.0.0 and 2.1.0.0 of the security plugin are affected by an information disclosure vulnerability. Requests to an OpenSearch cluster configured with advanced access control features...
PT-2022-23078 · Unknown · Opensearch +2
Name of the Vulnerable Software and Affected Versions: OpenSearch Security versions 2.0.0.0 through 2.1.0.0. Description: The issue concerns an information disclosure vulnerability in OpenSearch Security, a plugin for OpenSearch that provides encryption, authentication, and authorization. When an...
Unspecified Vulnerability in Exim (CNVD-2022-56952)
Exim is an open source mail transfer agent (MTA) running on Unix systems that routes, forwards and delivers mail. A security vulnerability exists in Exim versions prior to 4.95, which stems from a heap-based buffer overflow in the alias list in host_name_lookup when sender_host_name is set. No details of t...
CVE-2022-37452
Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set...
UBUNTU-CVE-2022-37452
Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set...
Exim buffer error vulnerability
Exim is an open source mail transfer agent (MTA) running on Unix systems that routes, forwards and delivers mail. A security vulnerability exists in Exim versions prior to 4.95, which stems from a heap-based buffer overflow in the alias list in host_name_lookup when sender_host_name is set. No details of t...
CVE-2022-2059
In Pandora FMS v7.0NG.761 and below, in the agent creation section, the alias parameter is vulnerable to stored cross-site scripting. This vulnerability can be exploited by an attacker with administrator privileges who is logged in to the system...