Intel Trace Analyzer And Collector 代码问题漏洞

Intel Trace Analyzer And Collector is a trace analyzer and collector from Intel USA. It is used to analyze Mpi behavior in parallel applications. A security vulnerability exists in Intel Trace Analyzer And Collector prior to version 2020 that stems from the presence of an uncontrolled search path...

CVE-2023-27909

An Out-Of-Bounds Write Vulnerability in Autodesk® FBX® SDK version 2020 or prior may lead to code execution through maliciously crafted FBX files or information disclosure...

SUSE CVE-2020-14954

Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data e.g., from a man-in-the-middle attacker and evaluates it in a TLS context, aka "response injection."...

CVE-2021-28674

The node management page in SolarWinds Orion Platform before 2020.2.5 HF1 allows an attacker to create or delete a node outside of the attacker's perimeter via an account with write permissions. This occurs because node IDs are predictable with incrementing numbers and the access control on...

CVE-2021-0100

Incorrect default permissions in the installer for the IntelR SSD Data Center Tool, versions downloaded before 12/31/2020, may allow an authenticated user to potentially enable escalation of privilege via local access...

Intel SSD Data Center Tool 安全漏洞

Intel SSD Data Center Tool Intel SSD DCT is a solid state drive management tool from Intel Corporation USA. The product supports configuration of SSDs using PCIe and SATA and detects the status of SSDs. A security vulnerability exists in versions of IntelR SSD Data Center Tool prior to 12/31/2020...

CVE-2020-14105

The application in the mobile phone can read the SNO information of the device, Xiaomi 10 MIUI 2020.01.15...

CVE-2021-28042

Deutsche Post Mailoptimizer 4.3 before 2020-11-09 allows Directory Traversal via a crafted ZIP archive to the Upload feature or the MO Connect component. This can lead to remote code execution...

OESA-2021-1005 mutt security update

Mutt is a small but very powerful text-based mail client for Unix operating systems.\r\n\r\n Security Fixes:\r\n\r\n Mutt before 2.0.2 and NeoMutt before 2020-11-20 did not ensure that $sslforcetls was processed if an IMAP server's initial server response was invalid. The connection was not...

CVE-2021-25767

In JetBrains YouTrack before 2020.6.1767, an issue's existence could be disclosed via YouTrack command execution...

Madshi MadCodeHook Security Breach

Madshi MadCodeHook is a code base organized by Madshi to handle code compatibility between 32-bit and 64-bit Windows 2000 to Windows 10 systems. Madshi MadCodeHook before 2020-07-16 A security vulnerability exists that allows a local attacker to elevate their privileges on the system...

Rust flatbuffers crate 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in flatbuffers crate in versions of Mozilla Rust prior to 2020-04-11, no details of the vulnerability are provided at this time...

Rust 缓冲区错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in ozone crate in versions of Mozilla Rust prior to 2020-07-04, which stems from an out-of-bounds access that violates memory safety. No details of the vulnerability are...

Rust traitobject crate 缓冲区错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in traitobject crate in versions of Mozilla Rust prior to 2020-06-01, which stems from the fact that it incorrectly expects a fat pointer, and can be exploited by an attack...

Rust rulinalg crate 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in rulinalg crate in versions of Mozilla Rust prior to 2020-02-11, which stems from improperly defined lifecycle boundaries in RowMut::raw slice and RowMut::raw slice mut. No...

Dhowden Tag Input Validation Error Vulnerability

Dhowden Tag is a Go-based MP3/MP4/OGG/FLAC metadata parsing library by Dhowden's personal developer. A security vulnerability exists in dhowden tag versions prior to 2020-11-19, which allows "panic: runtime error: slice bounds out of range" via readTextWithDescrFrame...

Progress Software MOVEit Transfer Cross-Site Scripting Vulnerability

Progress Software MOVEit Transfer is a suite of file transfer software from Progress Software, USA. A cross-site scripting vulnerability exists in MOVEit Transfer versions prior to 2020.1, which originates from a malicious user being able to write and store payloads in the application. If a victi...

CVE-2020-25209

In JetBrains YouTrack before 2020.3.6638, improper access control for some subresources leads to information disclosure via the REST API...

PT-2020-16209

Name of the Vulnerable Software and Affected Versions Tiny Tiny RSS versions prior to 2020-09-16 Description An issue was discovered in the cached url feature, which mishandles JavaScript inside an SVG document. This issue affects Tiny Tiny RSS. Recommendations For versions prior to 2020-09-16,...

Micro Focus Secure Messaging Gateway Injection Vulnerability

Micro Focus Secure Messaging Gateway SMG is a secure messaging gateway product from Micro Focus UK. The product supports features such as email scanning and inbound and outbound protection. A security vulnerability exists in Micro Focus SMG versions prior to 2020-7. An attacker could exploit the...