5079 matches found
GHSA-9783-42PM-X5JQ Use of Uninitialized Resource in csv-sniffer.
Affected versions of this crate pass an uninitialized buffer to a user-provided Read implementation within fn preamble_skipcount. Arbitrary Read implementations can read from the uninitialized buffer (memory exposure) and can also return an incorrect number of bytes written to the buffer. Reading fro...
CVE-2021-45686
An issue was discovered in the csv-sniffer crate through 2021-01-05 for Rust. preamble_skipcount may read from uninitialized memory locations...
CVE-2021-45686
An issue was discovered in the csv-sniffer crate through 2021-01-05 for Rust. preamble_skipcount may read from uninitialized memory locations...
Memory corruption
An issue was discovered in the csv-sniffer crate through 2021-01-05 for Rust. preamble_skipcount may read from uninitialized memory locations...
Rust csv-sniffer crate Security Vulnerability
The Rust csv-sniffer crate provides methods to infer CSV file details (delimiter selection, quoted characters, field count, field data type, etc.). A security vulnerability exists in the Rust csv-sniffer crate in versions prior to 2021-01-05, which stems from the fact that...
CVE-2021-45686
An issue was discovered in the csv-sniffer crate through 2021-01-05 for Rust. preamble_skipcount may read from uninitialized memory locations...
CVE-2021-45686
The CVE-2021-45686 issue affects the csv-sniffer crate (Rust) and is due to preamble_skipcount reading from uninitialized memory locations. This can cause undefined behavior and memory exposure in affected builds. Multiple sources (NVD, Red Hat advisories, OSV/GHSA entries) describe the same root...
Grafana 8.0.0-beta3 - 8.3.1 Directory Traversal Vulnerability
Grafana is prone to a directory traversal vulnerability.
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
log4j-remediation-tools Tools for finding and reproducing...
CVE-2021-43815
Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 has a directory traversal for arbitrary .csv files. It only affects instances that have the developer testing tool called TestData DB data source enabled and configured. The vulnerabili...
December 14, 2021—KB5008285 (Security-only update)
December 14, 2021—KB5008285 Security-only update Summary Learn more about this security update, including improvements and fixes, any known issues, and how to get the update. IMPORTANT Windows 8.1 and Windows Server 2012 R2 have reached the end of mainstream support and are now in extended suppor...
December 14, 2021—KB5008282 (Security-only update)
December 14, 2021—KB5008282 Security-only update Summary Learn more about this security update, including improvements and fixes, any known issues, and how to get the update. IMPORTANT Windows 7, Windows Server 2008 R2, Windows Embedded Standard 7, and Windows Embedded POS Ready 7 have reached th...
December 14, 2021—KB5008271 (Security-only update)
December 14, 2021—KB5008271 Security-only update Summary Learn more about this security update, including improvements and fixes, any known issues, and how to get the update. IMPORTANT Windows Server 2008 Service Pack 2 SP2 has reached the end of mainstream support and are now in extended support...
December 14, 2021—KB5008244 (Monthly Rollup)
December 14, 2021—KB5008244 Monthly Rollup Summary Learn more about this security update, including improvements and fixes, any known issues, and how to get the update. IMPORTANT Windows 7, Windows Server 2008 R2, Windows Embedded Standard 7, and Windows Embedded POS Ready 7 have reached the end ...
PT-2021-24067 · WordPress · Post Smtp Mailer
Name of the Vulnerable Software and Affected Versions: POST SMTP Mailer plugin for WordPress versions up to, and including, 2.0.20 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the handleCsvExport function. This allows...
Grafana Path Traversal Vulnerability (CNVD-2021-100286)
Grafana is an open source monitoring tool from Grafana Labs that provides a visual monitoring interface. The tool is mainly used to monitor and analyze Graphite, InfluxDB and Prometheus, etc. A path traversal vulnerability exists in Grafana, which stems from the product's failure to effectively...
Path Traversal
github.com/grafana/grafana is vulnerable to Path Traversal. An authenticated attacker can access files outside the expected directory through the arbitrary .csv files when the TestData DB data source is enabled and configured...
Vulnerabilities fixed in Grafana
Grafana Labs has fixed two vulnerabilities in Grafana. The vulnerabilities allow an authenticated malicious person to gain access to sensitive data. This data is limited to arbitrary .md and .csv files. Obtaining unauthorized access to csv files requires that the resource...
CVE-2021-43815
Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 has a directory traversal for arbitrary .csv files. It only affects instances that have the developer testing tool called TestData DB data source enabled and configured. The vulnerabili...
CVE-2021-43815
Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 has a directory traversal for arbitrary .csv files. It only affects instances that have the developer testing tool called TestData DB data source enabled and configured. The vulnerabili...