GHSA-4XQX-PQPJ-9FQW gajira-create GitHub action vulnerable to arbitrary code execution
Impact: An attacker can execute arbitrary code in the context of a GitHub runner by creating a specially crafted GitHub issue. Patches: This issue is patched in gajira-create version 2.0.1. Workarounds: There are no known workarounds. References: GitHub Security Lab advisory GHSL-2020-172...
create-health.com.au Cross Site Scripting vulnerability OBB-2980469
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2022-41424
Bento4 v1.6.0-639 was discovered to contain a memory leak via the AP4_SttsAtom::Create function in mp42hls...
CVE-2022-41426
Bento4 v1.6.0-639 was discovered to contain a memory leak via the AP4_AtomFactory::CreateAtomFromStream function in mp4split...
Memory corruption
Bento4 v1.6.0-639 was discovered to contain a memory leak via the AP4_SttsAtom::Create function in mp42hls...
UBUNTU-CVE-2022-41424
Bento4 v1.6.0-639 was discovered to contain a memory leak via the AP4_SttsAtom::Create function in mp42hls...
CVE-2022-41424
Bento4 v1.6.0-639 contains a memory leak in the AP4_SttsAtom::Create function of the mp42hls component, which leads to a denial of service. This vulnerability is documented across multiple sources (CVE-2022-41424) and is consistently described as a memory leak causing DoS. No specific exploit det...
PT-2022-25858 · Bento4 · Bento4
Name of the Vulnerable Software and Affected Versions: Bento4 version 1.6.0-639. Description: A memory leak was discovered in Bento4 via the AP4_SttsAtom::Create function in mp42hls. Recommendations: For version 1.6.0-639, consider restricting the use of the AP4_SttsAtom::Create function until a...
Bento4 security vulnerability
Bento4 is an open source C++ library for reading and writing MP4 files. Bento4 v1.6.0-639 contains a denial of service vulnerability that stems from a memory leak in the AP4_SttsAtom::Create method of the mp42hls component. An attacker could exploit the vulnerability to cause a denial of service...
The vulnerability of the Create-ProjectManager software management system lies in the lack of protective measures for website structures. This allows attackers to carry out XSS attacks.
The vulnerability of the Create-ProjectManager project management software exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks...
CVE-2022-42002
SonicJS through 0.6.0 allows file overwrite. It has the following mutations that are used for updating files: fileCreate and fileUpdate. Both of these mutations can be called without any authentication to overwrite any files on a SonicJS application, leading to Arbitrary File Write and Delete...
Bento4 security vulnerability
Bento4 is an open source C++ library for reading and writing MP4 files. A denial of service vulnerability exists in Bento4 version 1.6.0-639; it originates in the AP4_StdcFileByteStream::Create(AP4_FileByteStream*, char const*, AP4_FileByteStream::Mode, AP4_ByteStream*&) function, which does not free or fail...
Billing System Project code issue vulnerability
Billing System Project is a billing system project by individual developer Mayuri K. A code issue vulnerability exists in Billing System Project version v1.0, which was discovered to contain a Remote Code Execution (RCE) vulnerability via the component /php_action/createProduct.php...
PT-2022-25870 · Unknown · Billing System Project
Name of the Vulnerable Software and Affected Versions: Billing System Project version 1.0. Description: The Billing System Project contains a remote code execution (RCE) issue via the /php_action/createProduct.php component. This allows for potential code execution from a remote location...
CVE-2022-3333
A vulnerability, which was classified as problematic, was found in Zephyr Project Manager up to 3.2.4. Affected is an unknown function of the file /v1/tasks/create/ of the component REST Call Handler. The manipulation of the argument onanimationstart leads to cross site scripting. It is possible ...
PT-2022-21772 · Unknown · Zephyr Project Manager
Name of the Vulnerable Software and Affected Versions: Zephyr Project Manager versions up to 3.2.4. Description: A problematic issue was found in the REST Call Handler component, affecting an unknown function of the file /v1/tasks/create/. The manipulation of the onanimationstart argument leads to...