338 matches found
-react-file-list-components (=1.1.1), 01basicreact (>=0.1.0 <=0.1.9) +38843 more potentially affected by CVE-2021-3757 via immer (>=7.0.0 <=9.0.5)
immer NPM version =7.0.0, =0.1.0, =0.1.0, =0.1.6 - 0beny1s =1.1.6 - 0i0 =1.0.10 - 0scarclassa =1.0.1 - 0scarclassb =1.0.1 - 0scarclassc =1.0.1 - 0scarclassd =1.0.1 - 0scarclasse =1.0.1 - 0scarclassf =1.0.1 - 0scarclassg =1.0.1 - 0scarclassh =1.0.1 - 0scarclassi =1.0.1 - 0scarclassj =1.0.1 and mor...
NVIDIA Bootloader Buffer Overflow Vulnerability
NVIDIA Bootloader is a bootloader component from Nvidia Corporation. NVIDIA Bootloader is vulnerable to a buffer overflow vulnerability that can be exploited by attackers to cause information disclosure, data integrity, and information disclosure restrictions across all components...
Security Bulletin: IBM QRadar Network Packet Capture is vulnerable to using components with known vulnerabilities
Summary: The product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. Vulnerability Details: CVEID: CVE-2021-25215. DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by an assertion failure while answering queries fo...
[SECURITY] Fedora 34 Update: php-pear-1.10.12-9.fc34
PEAR is a framework and distribution system for reusable PHP components. This package contains the basic PEAR components...
[SECURITY] Fedora 33 Update: php-pear-1.10.12-9.fc33
PEAR is a framework and distribution system for reusable PHP components. This package contains the basic PEAR components...
Authentication flaw
An issue in HNAP1/GetMultipleHNAPs of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to access the components GetStationSettings, GetWebsiteFilterSettings and GetNetworkSettings without authentication...
Unauthorized Access Vulnerability in WV-SFN310A at Panasonic (China) Co.
Panasonic China Co., Ltd. is a manufacturer primarily responsible for carrying out sales and after-sales service activities for home appliances, systems, environments, components and other goods. An unauthorized access vulnerability exists in Panasonic China Co. WV-SFN310A, which can be exploited...
Code issue vulnerability (CNVD-2021-53940) in Joomla!
is a set of forum components used in the Joomla! content management system. A code issue vulnerability exists in versions 2.5.0 to 3.9.27 of Joomla! that could be exploited by a remote, unauthenticated attacker to obtain or guess a session token and gain unauthorized access to a session belonging...
MacHound - An extension to audit Bloodhound collecting and ingesting of Active Directory relationships on MacOS hosts
MacHound is an extension to the Bloodhound auditing tool that allows collecting and ingesting Active Directory relationships on MacOS hosts. MacHound collects information about logged-in users and administrative group members on Mac machines and ingests the information into the Bloodhound database...
Unauthorized Access Vulnerability in Panasonic Corporation (China) WV-SC384
Panasonic China Co., Ltd. is a manufacturer primarily responsible for carrying out sales and after-sales service activities for home appliances, systems, environments, components and other goods. An unauthorized access vulnerability exists in Panasonic China Co. WV-SC384, which can be exploited b...
Unauthorized Access Vulnerability in WV-SPW611L at Panasonic (China) Co.
Panasonic China Co., Ltd. was established in 1994 and is responsible for carrying out activities such as sales and after-sales service of home appliances, systems, environments, components and other goods. An unauthorized access vulnerability exists in Panasonic China Co. WV-SPW611L, which can be...
[SECURITY] Fedora 32 Update: pki-core-10.10.5-1.fc32
Dogtag PKI is an enterprise software system designed to manage enterprise Public Key Infrastructure deployments. PKI consists of the following components: Automatic Certificate Management Environment (ACME) Responder, Certificate Authority (CA), Key Recovery Authority (KRA), Online Certificate Status...
GHSA-H4HR-7FG3-H35W Denial of service in prismjs
The package prismjs before 1.23.0 is vulnerable to Regular Expression Denial of Service (ReDoS) via the prism-asciidoc, prism-rest, prism-tap and prism-eiffel components...
CVE-2021-23341
The package prismjs before 1.23.0 is vulnerable to Regular Expression Denial of Service (ReDoS) via the prism-asciidoc, prism-rest, prism-tap and prism-eiffel components...
CVE-2020-7071
In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14 and 8.0.0, when validating a URL with functions like `filter_var($url, FILTER_VALIDATE_URL)`, PHP will accept a URL with an invalid password as a valid URL. This may lead to functions that rely on the URL being valid to mis-parse the URL and produce wrong dat...
Security Bulletin: IBM Security QRadar Analyst Workflow add on to IBM QRadar SIEM is vulnerable to using components with known vulnerabilities
Summary: The product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. Vulnerability Details: CVEID: CVE-2015-9251. DESCRIPTION: jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A...
Fedora: Security Advisory for php-pear (FEDORA-2021-02996612f6)
The remote host is missing an update for the...
Code Injection in tensorflow/tfx
Description: TensorFlow Extended (TFX) is a Google-production-scale machine learning platform based on TensorFlow. It provides a configuration framework to express ML pipelines consisting of TFX components. Vulnerability: Vulnerable to YAML deserialization attack caused by unsafe loading. Proof of...
Security Bulletin: IBM QRadar SIEM is vulnerable to using components with known vulnerabilities
Summary: The product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. Vulnerability Details: CVEID: CVE-2019-2974. DESCRIPTION: An unspecified vulnerability in product related to the Server Oracle MySQL component could allow an...