CVE-2018-12304

Cross-site scripting in Application Manager in Seagate NAS OS version 4.3.15.1 allows attackers to execute JavaScript via multiple application metadata fields: Short Description, Publisher Name, Publisher Contact, or Website URL...

CVE-2023-28586

Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE...

PT-2023-22778 · Rekor +1 · Rekor +1

Name of the Vulnerable Software and Affected Versions: Rekor versions prior to 1.1.1 Description: Rekor is an open source software supply chain transparency log that may crash due to out of memory OOM conditions caused by reading archive metadata files into memory without checking their sizes...

OPENSUSE-SU-2022:0712-1 Security update for flatpak

This update for flatpak fixes the following issues: Update to flatpak 1.10.7: - CVE-2022-21682: Introduce new option --nofilesystem=host:reset to support flatpak-builder 1.2.2 bsc1194611. - CVE-2021-43860: A malicious repository could hav sent invalid application metadata in a way that hides some...

Ubuntu 16.04 LTS / 18.04 LTS : ZeroMQ vulnerability (USN-4050-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4050-1 advisory. It was discovered that ZeroMQ incorrectly handled certain application metadata. A remote attacker could use this issue to cause ZeroMQ to crash, or...

ZeroMQ Stack Buffer Overflow Vulnerability

ZeroMQ is a lightweight distributed messaging engine core library . A security vulnerability exists in ZeroMQ that stems from a program's failure to properly handle application metadata. An attacker could exploit this vulnerability to cause ZeroMQ to crash or possibly execute arbitrary code...

USN-4050-1 zeromq3 vulnerability

It was discovered that ZeroMQ incorrectly handled certain application metadata. A remote attacker could use this issue to cause ZeroMQ to crash, or possibly execute arbitrary code...