Command Injection

Overview Affected versions of this package are vulnerable to Command Injection due to an incomplete fix for CVE-2022-40764. A successful exploit allows attackers to run arbitrary commands on the host system where the Snyk CLI is installed by passing in crafted command line flags. In order to...

Command Injection

Overview snyk is an advanced tool that scans and monitors projects for security vulnerabilities. Affected versions of this package are vulnerable to Command Injection due to an incomplete fix for CVE-2022-40764. A successful exploit allows attackers to run arbitrary commands on the host system...

DEBIAN-CVE-2016-7908

The mcffecdotx function in hw/net/mcffec.c in QEMU aka Quick Emulator does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash via vectors involving a buffer descript...

UBUNTU-CVE-2016-7907

The imxfecdotx function in hw/net/imxfec.c in QEMU aka Quick Emulator does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash via vectors involving a buffer descript...

Design/Logic Flaw

rvrender.dll in RealNetworks RealPlayer 11.x, 14.x, and 15.x before 15.02.71, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via crafted flags in an RMFF file...