624 matches found
CVE-2023-1696
The multimedia video module has a vulnerability in data processing. Successful exploitation of this vulnerability may affect availability...
Design/Logic Flaw
The multimedia video module has a vulnerability in data processing. Successful exploitation of this vulnerability may affect availability...
CVE-2023-1696
CVE-2023-1696 affects Huawei HarmonyOS multimedia video module. The issue is a data processing vulnerability in that module, with exploitation leading to availability impact. No detailed affected version list is provided in the connected documents; exploitation status is not specified. CVSSv3.1 i...
PT-2023-17179 · Unknown · Multimedia Video Module
Name of the Vulnerable Software and Affected Versions: Multimedia video module (affected versions not specified). Description: The issue is related to a vulnerability in the data processing of the multimedia video module. Successful exploitation of this vulnerability may affect availability...
Acceptance of Extraneous Untrusted Data With Trusted Data
Overview: johnpbloch/wordpress-core is web software you can use to create a website or blog. Affected versions of this package are vulnerable to Acceptance of Extraneous Untrusted Data With Trusted Data through the processing of shortcodes in user-generated content. An attacker can manipulate...
PT-2023-21305 · Sourcecodester · Sourcecodester Online Exam System
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Exam System version 1.0. Description: A critical issue has been found in the processing of the file /jurusanmatkul/data, where the manipulation of the argument columns1data leads to SQL injection. The attack can be...
Moderate: Red Hat Security Advisory: jackson security update
An update for jackson-annotations, jackson-core, jackson-databind, jackson-jaxrs-providers, and jackson-modules-base is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS...
ALSA-2023:2312 Moderate: jackson security update
Jackson is a suite of data-processing tools for Java, including the flagship streaming JSON parser / generator library, matching data-binding library, and additional modules to process data encoded in various other data formats. Security Fixes: jackson-databind: denial of service via a large dept...
Apache Spark Command Injection Vulnerability (CNVD-2023-71729)
Apache Spark is a large-scale data processing engine from the Apache Foundation that supports acyclic data streaming and in-memory computing. Apache Spark suffers from a command injection vulnerability that stems from the fact that if ACLs are enabled, a code path in the HttpSecurityFilter can...
CVE-2023-26285
IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow a remote attacker to cause a denial of service due to an error processing invalid data. IBM X-Force ID: 248418...
CVE-2023-28008
HCL Workload Automation 9.4, 9.5, and 10.1 are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...
Italian Watchdog Bans OpenAI's ChatGPT Over Data Protection Concerns
The Italian data protection watchdog, Garante per la Protezione dei Dati Personali aka Garante, has imposed a temporary ban of OpenAI's ChatGPT service in the country, citing data protection concerns. To that end, it has ordered the company to stop processing users' data with immediate effect,...
CVE-2023-28427
matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 24.0.0 events sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data...
CVE-2023-28427 Prototype pollution in matrix-js-sdk
matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 24.0.0 events sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data...
CVE-2022-36059
matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 19.4.0 events sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data...
Denial Of Service (DoS)
github.com/crewjam/saml is vulnerable to Denial of Service (DoS) attacks. The vulnerability is due to the flate.NewReader function because it allows users to pass more than 1 MB of data to the processing functions, which will be decompressed server-side. After repeating the request a number of time...
ROS-20230322-03
A vulnerability in the Git program is related to the handling of input data: a path outside the working tree can be overwritten by a user running "git apply". Exploiting the vulnerability could allow an attacker acting remotely to run the affected command against a malicious or compromise...