7654 matches found
GHSA-2CHG-86HQ-7W38 btcd mishandles witness size checking
btcd before 0.23.2, as used in Lightning Labs lnd before 0.15.2-beta and other Bitcoin-related products, mishandles witness size checking. Specific Go Packages Affected github.com/btcsuite/btcd/wire...
btcd mishandles witness size checking
btcd before 0.23.2, as used in Lightning Labs lnd before 0.15.2-beta and other Bitcoin-related products, mishandles witness size checking. Specific Go Packages Affected github.com/btcsuite/btcd/wire...
CVE-2022-32888
A vulnerability was found in webkitgtk, where an out-of-bounds read was addressed with improved bounds checking. Processing maliciously crafted web content may lead to arbitrary code execution...
CVE-2022-44797
btcd before 0.23.2, as used in Lightning Labs lnd before 0.15.2-beta and other Bitcoin-related products, mishandles witness size checking...
CVE-2022-44797
btcd before 0.23.2, as used in Lightning Labs lnd before 0.15.2-beta and other Bitcoin-related products, mishandles witness size checking...
CVE-2022-44797
btcd before 0.23.2, as used in Lightning Labs lnd before 0.15.2-beta and other Bitcoin-related products, mishandles witness size checking...
CVE-2022-44797
CVE-2022-44797 affects btcd before 0.23.2 (used in Lightning Labs lnd before 0.15.2-beta and other Bitcoin products) due to mishandling of witness size checking, enabling high-impact network exploitation. The CVSSv3.1 base score is 9.8 (CRITICAL) with full confidentiality, integrity, and availabi...
The vulnerability of D-Link DIR-846 router’s microprogramming software lies in the insufficient checking of arguments passed in commands, allowing attackers to execute arbitrary commands.
The vulnerability of D-Link DIR-846 router’s microprogramming software is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using a specially created request /HNAP1/ within the...
Mahara 安全漏洞
Mahara is a free open source web-based ePortfolio management system from Mahara. A security vulnerability exists in Mahara version 21.04 up to and including 21.04.7, 21.10 up to and including 21.10.5, 22.04 up to and including 22.04.3, and 22.10.0, which stems from a lack of privilege checking...
Tenable Nessus 10.4.x < 10.4.1 Multiple Vulnerabilities (TNS-2022-24)
According to its self-reported version, the Tenable Nessus application running on the remote host is 10.4.x prior to 10.4.1. It is, therefore, affected by multiple vulnerabilities, including: - A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint...
ckb: Transaction header_deps validation issue (network forking)
Impact fn HeaderCheckercheckvalid skipped main chain checking after this PR: https://github.com/nervosnetwork/ckb/pull/1646/filesdiff-c4e017b67c1b3005ca0c446a9b0879571aa36a858b1f7ddd1b9328a884e3214bR171-R176 It will cause network forking if one transaction is using a forked block header which is...
FreeBSD : OpenSSL -- Buffer overflows in Email verification (0844671c-5a09-11ed-856e-d4c9ef517024)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 0844671c-5a09-11ed-856e-d4c9ef517024 advisory. - A buffer overrun can be triggered in X.509 certificate verification, specifically in name...
Khan Academy: xss due to incorrect handling of postmessages
Due to Insecure handling of create link tags a tags in a function called autolink found in 7Bmt.af733e428f9f986dfc96.js js e = n.autolinke, !0; const n = function const e = /\b?:?:https?://|www\d0,3.|a-z0-9.-+.a-z2,4/?:^\s&+|&|?:^\s|?:^\s+\+?:?:^\s|?:^\s+\|^\s!\;:'".,?«»“”‘’&/gi; return...
CVE-2022-42808
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. A remote user may be able to cause kernel code execution...
CVE-2022-32925
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 16, iOS 16, watchOS 9. An app may be able to cause unexpected system termination or write kernel memory...
CVE-2022-32925
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 16, iOS 16, watchOS 9. An app may be able to cause unexpected system termination or write kernel memory...
Design/Logic Flaw
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively...
Design/Logic Flaw
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. A remote user may be able to cause kernel code execution...
CVE-2022-32888
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16. Processing maliciously crafted web content may lead to arbitrary code execution...
Design/Logic Flaw
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 16, iOS 16, watchOS 9. An app may be able to cause unexpected system termination or write kernel memory...