Malicious code in vpro-dev (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2f253aa388076bf368b5ac423864b7d018841dec34f8653f44275ebda501d6a2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

npm create-choo-electron 安全漏洞

npm create-choo-electron is a program from npm USA. It is used to create a new Choo Electron application. A security vulnerability exists in create-choo-electron, which stems from the devInstall function not validating user input...

CVE-2023-23143

Buffer overflow vulnerability in function avcparseslice in file mediatools/avparsers.c. GPAC version 2.3-DEV-rev1-g4669ba229-master...

CVE-2023-23143

GPAC multimedia framework (GPAC 2.3-DEV-rev1-g4669ba229-master) contains a buffer overflow in avc_parse_slice() inside media_tools/av_parsers.c. The CVE-2023-23143 issue has high impact (local access, requires user interaction per NVD) and may allow denial of service or arbitrary code execution. ...

DEBIAN-CVE-2023-0358

Use After Free in GitHub repository gpac/gpac prior to 2.3.0-DEV...

Design/Logic Flaw

Use After Free in GitHub repository gpac/gpac prior to 2.3.0-DEV...

UBUNTU-CVE-2023-0358

Use After Free in GitHub repository gpac/gpac prior to 2.3.0-DEV...

CVE-2023-0358 Use After Free in gpac/gpac

Use After Free in GitHub repository gpac/gpac prior to 2.3.0-DEV...

GSD-2023-1001602 orangefs: Fix sysfs not cleanup when dev init failed

orangefs: Fix sysfs not cleanup when dev init failed This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.337 by commit...

GSD-2023-1001406 orangefs: Fix sysfs not cleanup when dev init failed

orangefs: Fix sysfs not cleanup when dev init failed This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...

GSD-2023-1000682 orangefs: Fix sysfs not cleanup when dev init failed

orangefs: Fix sysfs not cleanup when dev init failed This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...

GSD-2023-1000377 btrfs: handle case when repair happens with dev-replace

btrfs: handle case when repair happens with dev-replace This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.19 by commit...

PT-2023-34730 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.9.337 Description: A potential memory leak issue was discovered in the pmu dev alloc function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...

PT-2023-33787 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.16 Description: The issue concerns error handling in the hci register dev function. It was introduced in version v5.7 and fixed in version v6.0.16. The actual impact and attack plausibility have not yet bee...

PT-2023-33918 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.16 Description: The issue is related to a memory leak in the pnp alloc dev function. It was introduced in version v2.6.30 and fixed in version v6.0.16. The actual impact and attack plausibility have not yet...

PT-2024-11865 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A reference count leak in the Linux kernel has been identified and resolved. The issue is related to the dmar dev scope init function in the iommu/vt-d component. The for each pci dev...

dev-cms.okta.net Cross Site Scripting vulnerability OBB-3133177

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

The vulnerability of the Dev UI Config Editor component in the quarkus Java framework, which allows a hacker to execute arbitrary code.

The vulnerability of the Dev UI Config Editor component in the quarkus Java framework is related to improper code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVE-2022-47663

GPAC MP4box 2.1-DEV-rev649-ga8f438d20 is vulnerable to buffer overflow in h263dmxprocess filters/reframeh263.c:609...

CVE-2022-47656

GPAC MP4box 2.1-DEV-rev617-g85ce76efd is vulnerable to Buffer Overflow in gfhevcreadspsbsinternal function of mediatools/avparsers.c:8273...