PT-2022-11231 · Gerbv +3 · Gerbv +3

Name of the Vulnerable Software and Affected Versions: Gerbv versions 2.7.0 through 2.8.0 Gerbv dev commit b5f1eacd Description: An information disclosure issue exists in the pick-and-place rotation parsing functionality. A specially-crafted pick-and-place file can exploit the missing...

Gerbv 安全漏洞

Gerbv is a Gerber file Rs-274X only viewer. It is used to view Rs-274X Gerber files, Excellon drill files, and Pick-N-Place files. A security vulnerability exists in Gerbv that stems from a faulty initialization of the product's pick-and-place rotation feature. An attacker could cause a memory le...

c4v-py (>=0.1.0.dev1 <=0.1.0.dev202107081840) potentially affected by CVE-2021-29519 via tensorflow-cpu (=2.3.1)

tensorflow-cpu PYPI version =2.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - c4v-py =0.1.0.dev1, =0.1.0.dev202107081840 Source cves: CVE-2021-29519 Source advisory: OSV:PYSEC-2021-447...

CVE-2015-5062

Open redirect vulnerability in SilverStripe CMS & Framework 3.1.13 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the returnURL parameter to dev/build...

Mozilla Firefox Bootstrapped Addon Social Engineering Code Execution

Mozilla Firefox before version 41 allowed users to install unsigned browser extensions from arbitrary web servers. This module dynamically creates an unsigned .xpi addon file. The resulting bootstrapped Firefox addon is presented to the victim via a web page. The victim's Firefox browser will pop...