Hono Vulnerable to SSE Control Field Injection via CR/LF in writeSSE()

Summary When using streamSSE in Streaming Helper, the event, id, and retry fields were not validated for carriage return \r or newline \n characters. Because the SSE protocol uses line breaks as field delimiters, this could allow injection of additional SSE fields within the same event frame if...

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization via the node.invoke parameters. An attacker can execute arbitrary commands on connected node hosts by injecting internal control fields into the parameters,...

Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet 安全漏洞

Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet Software is a Schweitzer Engineering Laboratories, Inc. tool for configuring, commissioning and managing power system protection, control, metering and monitoring equipment. monitoring equipment of the power system. A security...

Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet 安全漏洞

Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet Software is a Schweitzer Engineering Laboratories, Inc. tool for configuring, commissioning and managing power system protection, control, metering and monitoring equipment. monitoring equipment of the power system. A security...

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.10.30 and fixes at least the following security issues: nfc: fix refcount leak in llcpsockbind CVE-2020-25670 nfc: fix refcount leak in llcpsockconnect CVE-2020-25671 nfc: fix memory leak in llcpsockconnect CVE-2020-25672 firewire: nosy: Fix a...

CVE-2019-5478

A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an adversary being able to modify the control fields of the boot image leading to an incorrect secure boot behavior...

Design/Logic Flaw

A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an adversary being able to modify the control fields of the boot image leading to an incorrect secure boot behavior...

CVE-2019-5478

A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an adversary being able to modify the control fields of the boot image leading to an incorrect secure boot behavior...

PT-2019-17698 · Xilinx · Xilinx Zynq Ultrascale+

Name of the Vulnerable Software and Affected Versions: Xilinx Zynq UltraScale+ devices affected versions not specified Description: A weakness was found in the Encrypt Only boot mode, which could allow an adversary to modify the control fields of the boot image. This modification could lead to...

DEBIAN-CVE-2009-4013

Multiple directory traversal vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allow remote attackers to overwrite arbitrary files or obtain sensitive information via vectors involving 1 control field names, 2 control field values, and 3 control file...

CVE-2009-4013

Multiple directory traversal vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allow remote attackers to overwrite arbitrary files or obtain sensitive information via vectors involving 1 control field names, 2 control field values, and 3 control file...