2680 matches found
USN-5225-1: lxml vulnerability
It was discovered that lxml incorrectly handled certain XML and HTML files. An attacker could possibly use this issue to execute arbitrary code...
Jenkins 插件 权限许可和访问控制问题漏洞
Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.The Jenkins Credentials Binding Plugin is vulnerable to an input validation error that stems from the plugin's failure to...
PT-2022-14825 · Jenkins · Jenkins Credentials Binding Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Credentials Binding Plugin versions 1.27 and earlier Jenkins Credentials Binding Plugin versions prior to 1.27.1 Jenkins Credentials Binding Plugin versions prior to 1.24.1 Description: The issue allows attackers with Overall/Read...
GHSA-HXJF-H2MH-R6HJ Use After Free in libpulse-binding
Affected versions contained a pair of use-after-free issues with the objects returned by the getformatinfo and getcontext methods of Stream objects. These objects were mistakenly being constructed without setting an important flag to prevent destruction of the underlying C objects they reference...
Use After Free in libpulse-binding
Affected versions contained a pair of use-after-free issues with the objects returned by the getformatinfo and getcontext methods of Stream objects. These objects were mistakenly being constructed without setting an important flag to prevent destruction of the underlying C objects they reference...
Panic mishandled in libpulse-binding
An issue was discovered in the libpulse-binding crate before 2.6.0 for Rust. It mishandles a panic that crosses a Foreign Function Interface FFI boundary...
GHSA-XVCG-2Q82-R87J Panic mishandled in libpulse-binding
An issue was discovered in the libpulse-binding crate before 2.6.0 for Rust. It mishandles a panic that crosses a Foreign Function Interface FFI boundary...
GHSA-JQPV-JM4M-86J9 Use After Free in libpulse-binding
Affected versions contained a pair of use-after-free issues with the objects returned by the getformatinfo and getcontext methods of Stream objects. These objects were mistakenly being constructed without setting an important flag to prevent destruction of the underlying C objects they reference...
Use After Free in libpulse-binding
Affected versions contained a pair of use-after-free issues with the objects returned by the getformatinfo and getcontext methods of Stream objects. These objects were mistakenly being constructed without setting an important flag to prevent destruction of the underlying C objects they reference...
mdbtools 缓冲区错误漏洞
mdbtools is MDB Tools is a group of programs that help you extract data from Microsoft Access files under various settings. A security vulnerability exists in MDB Tools aka mdbtools 0.9.2 that stems from a stack-based buffer overflow in mdbnumerictostring from mdbxferbounddata and mdbattemptbind...
SQLite report about CVE-2022-21227
This CVE describes a bug in a third-party packages that provides a binding for SQLite to Node.js. The bug reported is in the third-party Node.js binding, not in SQLite itself. Do not be confused by the use of the word "SQLite" in the ambiguously-worded CVE description...
Information Disclosure
tang is vulnerable to information disclosure. The vulnerability exists due to a lack of sanitization in the network-based cryptographic binding server...
Mozilla Rust libpulse-binding crate memory corruption vulnerability
Rust libpulse-binding crate is a repository containing sys FFI and binding libraries crates for connecting to PulseAudio PA from the Rust programming language.Mozilla Rust libpulse-binding crate memory corruption vulnerability, which stems from a security flaw in A security vulnerability exists i...
CVE-2018-25027
An issue was discovered in the libpulse-binding crate before 1.2.1 for Rust. getformatinfo can cause a use-after-free...
CVE-2018-25027
An issue was discovered in the libpulse-binding crate before 1.2.1 for Rust. getformatinfo can cause a use-after-free...
CVE-2018-25028
An issue was discovered in the libpulse-binding crate before 1.2.1 for Rust. getcontext can cause a use-after-free...
CVE-2019-25055
An issue was discovered in the libpulse-binding crate before 2.6.0 for Rust. It mishandles a panic that crosses a Foreign Function Interface FFI boundary...
CVE-2019-25055
An issue was discovered in the libpulse-binding crate before 2.6.0 for Rust. It mishandles a panic that crosses a Foreign Function Interface FFI boundary...
CVE-2018-25028
An issue was discovered in the libpulse-binding crate before 1.2.1 for Rust. getcontext can cause a use-after-free...
Design/Logic Flaw
An issue was discovered in the libpulse-binding crate before 1.2.1 for Rust. getcontext can cause a use-after-free...