115 matches found
Heap overflow
A heap-based overflow vulnerability in HWR::EngJudgeModel::Construct in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault...
CVE-2022-36844
Summary (concrete details from connected docs): CVE-2022-36844 is a heap-based overflow in HWR::EngJudgeModel::Construct() within the Samsung libSDKRecognitionText.spensdk.samsung.so library. Vulnerable component: libSDKRecognitionText.spensdk.samsung.so prior to SMR Sep-2022 Release 1. Impact de...
CVE-2022-36844
A heap-based overflow vulnerability in HWR::EngJudgeModel::Construct in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault...
CVE-2022-36862
A heap-based overflow vulnerability in HWR::EngineCJK::Impl::Construct in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault...
SAMSUNG Mobile devices 缓冲区错误漏洞
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A buffer error vulnerability exists in the SMR Sep-2022 Release 1 version of SAMSUNG Mobile devices, which stems from the HWR::EngJudgeModel::Construc...
PT-2022-14593 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible out of bounds write due to an integer overflow in the construct transaction function of lwis ioctl.c. This could lead to local escalation of privilege in the kernel, requiring...
MAL-2022-2167 Malicious code in construct-burst (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b8ba5231fbc66a4eb5be4b1a08e279e92c7a939d451f2683c37acb0e37c3c634 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in construct-burst (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b8ba5231fbc66a4eb5be4b1a08e279e92c7a939d451f2683c37acb0e37c3c634 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
GHSA-JMWX-R3GQ-QQ3P vec-const attempts to construct a Vec from a pointer to a const slice
Affected versions of this crate claimed to construct a const Vec with nonzero length and capacity, but that cannot be done because such a Vec requires a pointer from an allocator. The implementation was later changed to just construct a std::borrow::Cow...
vec-const attempts to construct a Vec from a pointer to a const slice
Affected versions of this crate claimed to construct a const Vec with nonzero length and capacity, but that cannot be done because such a Vec requires a pointer from an allocator. The implementation was later changed to just construct a std::borrow::Cow...
Pharmacy Management System代码问题漏洞
A remote code execution vulnerability exists in Pharmacy Management System v1.0, which stems from the component /phpaction/editProductImage.php failing to properly filter the construct snippet special element of the construction snippet. An attacker could exploit this vulnerability to cause...
Prototype Pollution
litespeed.js is vulnerable to prototype pollution. The vulnerability exists due to a lack of sanitization for the key value in the state.js file which allows an attacker to inject properties into existing construct prototypes and modify attributes...
Sandbox Bypass
realms-shim is vulnerable to sandbox bypass. The vulnerability exists through the 'realmEvaluate' function in 'realm.js' as its does not properly validate the input, allowing an attacker bypass the sandbox by inject properties into existing construct prototypes...
Prototype Pollution
node-forge is vulnerable to prototype pollution. The vulnerability exists through the 'debug.set' function in 'debug.js' , allowing an attacker to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...
Prototype Pollution
x-assign is vulnerable to prototype pollution. An attacker is able to inject malicious properties into existing construct prototypes and modify attributes using the proto object...
Prototype Pollution
object-path is vulnerable to Prototype Pollution. An attacker is able to exploit the vulnerability to inject arbitrary properties into existing construct prototypes and modify attributes such as proto, constructor and prototype via the del function...
Prototype Pollution
nedb is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...
Prototype Pollution
set-getter is vulnerable to prototype pollution. An attacker is able to exploit the vulnerability to inject arbitrary properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...
Prototype Pollution
js-extend is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...
Prototype Pollution
jquery-bbq is vulnerable to prototype pollution. An attacker is able to inject malicious properties into existing construct prototypes Object.prototype and modify attributes such as proto, constructor and prototype...