40 matches found
CVE-2023-33865
RenderDoc before 1.27 allows local privilege escalation via a symlink attack. It relies on the /tmp/RenderDoc directory regardless of ownership...
CVE-2023-33204
sysstat through 12.7.2 allows a multiplication integer overflow in checkoverflow in common.c. NOTE: this issue exists because of an incomplete fix for CVE-2022-39377...
CVE-2020-6817
bleach.clean behavior parsing style attributes could result in a regular expression denial of service ReDoS. Calls to bleach.clean with an allowed tag with an allowed style attribute are vulnerable to ReDoS. For example, bleach.clean..., attributes='a': 'style'...
CVE-2022-31783
Liblouis 3.21.0 has an out-of-bounds write in compileRule in compileTranslationTable.c, as demonstrated by loutrace...
CVE-2022-29869
cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = equal sign characters but is not a valid credentials file...
CVE-2020-36428
matio aka MAT File I/O Library 1.5.18 through 1.5.21 has a heap-based buffer overflow in ReadInt32DataDouble called from ReadInt32Data and MatVarRead4...
CVE-2020-23314
There is an Assertion 'blockfound' failed at js-parser-statm.c:2003 parserparsetrystatementend in JerryScript 2.2.0...
CVE-2020-23322
There is an Assertion in 'contextp-token.type == LEXERRIGHTBRACE || contextp-token.type == LEXERASSIGN || contextp-token.type == LEXERCOMMA' in parserparseobjectinitializer in JerryScript 2.2.0...
CVE-2020-23313
There is an Assertion 'scopestackp contextp-scopestackp' failed at js-scanner-util.c:2510 in scannerliteraliscreated in JerryScript 2.2.0...
CVE-2021-30485
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxmlinternaldtd, while parsing a crafted XML file, performs incorrect memory handling, leading to a NULL pointer dereference while running strcmp on a NULL pointer...
CVE-2020-25659
python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS1 v1.5 ciphertext...
CVE-2020-10674
PerlSpeak through 2.01 allows attackers to execute arbitrary OS commands, as demonstrated by use of system and 2-argument open...
CVE-2019-20503
usrsctp before 2019-12-20 has out-of-bounds reads in sctploadaddressesfrominit...
CVE-2020-7981
sql.rb in Geocoder before 1.6.1 allows Boolean-based SQL injection when withinboundingbox is used in conjunction with untrusted swlat, swlng, nelat, or nelng data...
CVE-2009-4899
pixelpost 1.7.1 has SQL injection...
CVE-2019-16095
Symonics libmysofa 0.7 has an invalid read in getDimension in hrtf/reader.c...
CVE-2019-16092
Symonics libmysofa 0.7 has a NULL pointer dereference in getHrtf in hrtf/reader.c...
CVE-2019-6988
An issue was discovered in OpenJPEG 2.3.0. It allows remote attackers to cause a denial of service attempted excessive memory allocation in opjcalloc in openjp2/opjmalloc.c, when called from opjtcdinittile in openjp2/tcd.c, as demonstrated by the 64-bit opjdecompress...
CVE-2018-18508
In Network Security Services NSS before 3.36.7 and before 3.41.1, a malformed signature can cause a crash due to a null dereference, resulting in a Denial of Service...
CVE-2018-14952
The mail message display page in SquirrelMail through 1.4.22 has XSS via a "maction xlink:href=" attack...