41 matches found
PT-2023-7296
Name of the Vulnerable Software and Affected Versions BusyBox version 1.36.1 Description The issue is related to a use-after-free vulnerability in the evaluate function of the awk.c file in the BusyBox set of UNIX utilities. This vulnerability can be exploited by attackers to cause a denial of...
GHSA-F73W-4M7G-CH9X Langchain vulnerable to arbitrary code execution via the evaluate function in the numexpr library
An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function in the numexpr library. Patches: Released in v.0.0.308. numexpr dependency is optional for langchain...
CVE-2023-39631
An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function in the numexpr library...
PYSEC-2023-163
An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function in the numexpr library...
PYSEC-2023-163
An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function in the numexpr library...
CVE-2023-39631
An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function in the numexpr library...
SUSE CVE-2021-42385
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function...
SUSE CVE-2021-42383
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function...
PT-2022-9061 · Unknown · Node-Import
Name of the Vulnerable Software and Affected Versions: node-import versions all Description: The issue affects the params argument of a module function, which can be controlled by users without proper sanitization. This unsanitized input is then passed to the eval function, located in line 79 of...
Hyperledger: Remote denial of service in HyperLedger Fabric
How to reproduce 1.Bring up the test network.https://hyperledger-fabric.readthedocs.io/en/latest/testnetwork.htmlbring-up-the-test-network 2.Run the PoC. bash go run poc.go -server=192.168.0.208:7051 go package main import "context" "crypto/tls" "flag" "fmt"...
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function
...
DEBIAN-CVE-2021-42385
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function...
ALPINE-CVE-2021-42385
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function...
ALPINE-CVE-2021-42383
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function...
DEBIAN-CVE-2021-42383
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function...
CVE-2021-42383
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function...
Design/Logic Flaw
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function...
UBUNTU-CVE-2021-42385
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function...
PT-2021-5547 · Busybox +5 · Busybox +5
Name of the Vulnerable Software and Affected Versions: BusyBox affected versions not specified Description: A use-after-free issue in BusyBox's awk applet can lead to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function. This allows a remote...
BusyBox 资源管理错误漏洞
BusyBox is a set of applications containing several linux commands and tools by Denis Vlasenko, a Ukrainian personal developer. BusyBox suffers from a resource management error vulnerability that stems from a denial of service and possible code enforcement due to post-release usage in Busybox's a...