19 matches found
External Control of Critical State Data
Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to External Control of Critical State Data in the CLI routing process after failed service resolution, where Bonjour and DNS-SD TXT metadata could still influence the chosen target. An...
EUVD-2018-0266
Malware in sbrugna...
EUVD-2022-27301
Malicious code in bioql PyPI...
EUVD-2024-19944
Malicious code in bioql PyPI...
CVE-2023-0575
External Control of Critical State Data, Improper Control of Generation of Code ('Code Injection') vulnerability in YugaByte, Inc. Yugabyte DB on Windows, Linux, MacOS, iOS (DevopsBase.Java:execCommand, TableManager.Java:runCommand modules) allows API Manipulation, Privilege Abuse. This vulnerability...
CVE-2023-0575 Remote Code Execution
External Control of Critical State Data, Improper Control of Generation of Code ('Code Injection') vulnerability in YugaByte, Inc. Yugabyte DB on Windows, Linux, MacOS, iOS (DevopsBase.Java:execCommand, TableManager.Java:runCommand modules) allows API Manipulation, Privilege Abuse. This vulnerability...
CVE-2022-22154
In a Junos Fusion scenario, an External Control of Critical State Data vulnerability in the Satellite Device (SD) control state machine of Juniper Networks Junos OS allows an attacker who is able to make physical changes to the cabling of the device to cause a denial of service (DoS). An SD can get...
CVE-2022-22154
In a Junos Fusion scenario, an External Control of Critical State Data vulnerability in the Satellite Device (SD) control state machine of Juniper Networks Junos OS allows an attacker who is able to make physical changes to the cabling of the device to cause a denial of service (DoS). An SD can get...
Xxe
In a Junos Fusion scenario, an External Control of Critical State Data vulnerability in the Satellite Device (SD) control state machine of Juniper Networks Junos OS allows an attacker who is able to make physical changes to the cabling of the device to cause a denial of service (DoS). An SD can get...
CVE-2022-22154 Junos Fusion: A Satellite Device can be controlled by rewiring it to a foreign AD causing a DoS
In a Junos Fusion scenario, an External Control of Critical State Data vulnerability in the Satellite Device (SD) control state machine of Juniper Networks Junos OS allows an attacker who is able to make physical changes to the cabling of the device to cause a denial of service (DoS). An SD can get...
GHSA-4X6V-RWH4-55JW Pomelo allows external control of critical state data
Pomelo v2.2.5 allows external control of critical state data. A malicious user input can corrupt arbitrary methods and attributes in template/game-server/app/servers/connector/handler/entryHandler.js because certain internal attributes can be overwritten via a conflicting name. Hence, a malicious...
Pomelo allows external control of critical state data
Pomelo v2.2.5 allows external control of critical state data. A malicious user input can corrupt arbitrary methods and attributes in template/game-server/app/servers/connector/handler/entryHandler.js because certain internal attributes can be overwritten via a conflicting name. Hence, a malicious...
CVE-2019-18954
Pomelo v2.2.5 allows external control of critical state data. A malicious user input can corrupt arbitrary methods and attributes in template/game-server/app/servers/connector/handler/entryHandler.js because certain internal attributes can be overwritten via a conflicting name. Hence, a malicious...
Xxe
Pomelo v2.2.5 allows external control of critical state data. A malicious user input can corrupt arbitrary methods and attributes in template/game-server/app/servers/connector/handler/entryHandler.js because certain internal attributes can be overwritten via a conflicting name. Hence, a malicious...
CVE-2019-18954
Pomelo v2.2.5 is affected by CVE-2019-18954, a prototype-pollution vulnerability where a malicious user input can overwrite internal attributes in template/game-server/app/servers/connector/handler/entryHandler.js, enabling external control of critical state data. The issue arises from conflictin...
Hardcoded credentials
html-janitor node module suffers from an External Control of Critical State Data vulnerability via user-control of the 'sanitized' variable causing sanitization to be bypassed...
CVE-2017-0928
html-janitor node module suffers from an External Control of Critical State Data vulnerability via user-control of the 'sanitized' variable causing sanitization to be bypassed...
CVE-2017-0928
html-janitor node module suffers from an External Control of Critical State Data vulnerability via user-control of the 'sanitized' variable causing sanitization to be bypassed...
CVE-2017-0928
html-janitor node module suffers from an External Control of Critical State Data vulnerability via user-control of the 'sanitized' variable causing sanitization to be bypassed...