
597 matches found

vulnersOsv
added 2021/05/17 9:0 p.m. · 2 views

@qbunnyteam/superlogin (>=0.0.3 <=0.0.4), @sensu/superlogin (>=1.2.2 <=1.2.6) +16 more potentially affected by CVE-2020-7673 via node-extend (=0.2.0)

node-extend NPM version =0.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on node-extend and may be impacted: - @qbunnyteam/superlogin =0.0.3, =1.2.2, =0.1.0, =0.1.0, =0.0.0, =0.2.0, =4.1.4, =1.1.0, =1.4.1 and more Source cves: CVE-2020-7673 Source...

CVSS 9.8 · AI score 7.2 · EPSS 0.01201
Exploits: 1

OSV
added 2021/04/13 3:20 p.m. · 16 views

GHSA-J32X-J8PJ-PG2H Prototype Pollution in decal

This affects all versions of package decal. The vulnerability is in the extend function...

CVSS 8.6 · AI score 8.6 · EPSS 0.004
Exploits: 1 · References: 4

Github Security Blog
added 2021/04/13 3:20 p.m. · 33 views

Prototype Pollution in decal

This affects all versions of package decal. The vulnerability is in the extend function...

CVSS 8.6 · AI score 8.3 · EPSS 0.004
Exploits: 1 · References: 5 · Affected Software: 1

CNVD
added 2021/04/02 12:0 a.m. · 6 views

Rust Out-of-Bounds Write Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust on 2021-02-19 and earlier versions, which stems from an out-of-bounds write in StackVec::extend that could result in an out-of-bounds write if certain exception data is...

CVSS 7.5 · AI score 7.5 · EPSS 0.00765
Exploits: 1 · References: 1

OSV
added 2021/04/01 5:15 a.m. · 2 views

DEBIAN-CVE-2021-29939

An issue was discovered in the stackvector crate through 2021-02-19 for Rust. There is an out-of-bounds write in StackVec::extend if size_hint provides certain anomalous data...

CVSS 7.3 · AI score 7.3 · EPSS 0.00765
Exploits: 1 · References: 1

OSV
added 2021/04/01 5:15 a.m. · 0 views

UBUNTU-CVE-2021-29939

An issue was discovered in the stackvector crate through 2021-02-19 for Rust. There is an out-of-bounds write in StackVec::extend if size_hint provides certain anomalous data...

CVSS 7.3 · AI score 5.8 · EPSS 0.00765
Exploits: 1 · References: 3

Cvelist
added 2021/04/01 4:23 a.m. · 14 views

CVE-2021-29939

An issue was discovered in the stackvector crate through 2021-02-19 for Rust. There is an out-of-bounds write in StackVec::extend if size_hint provides certain anomalous data...

AI score 7.5 · EPSS 0.00765
Exploits: 1 · References: 1

CNNVD
added 2021/04/01 12:0 a.m. · 2 views

Rust Buffer Error Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust on 2021-02-19 and earlier versions, which stems from an out-of-bounds write in StackVec::extend that could result in an out-of-bounds write if certain exception data is...

CVSS 7.5 · AI score 6.3 · EPSS 0.00765
Exploits: 1 · References: 2

OpenVAS
added 2021/03/12 12:0 a.m. · 19 views

Huawei EulerOS: Security Advisory for net-snmp (EulerOS-SA-2021-1660)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8 · AI score 7.9 · EPSS 0.00433
Exploits: 0 · References: 2

Tenable Nessus
added 2021/03/10 12:0 a.m. · 24 views

NewStart CGSL MAIN 6.02 : net-snmp Vulnerability (NS-SA-2021-0062)

The remote NewStart CGSL host, running version MAIN 6.02, has net-snmp packages installed that are affected by a vulnerability: - Net-SNMP through 5.7.3 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root...

CVSS 7.8 · AI score 7.1 · EPSS 0.00118
Exploits: 0 · References: 2

Tenable Nessus
added 2021/03/04 12:0 a.m. · 25 views

EulerOS Virtualization 3.0.6.6 : net-snmp (EulerOS-SA-2021-1501)

According to the versions of the net-snmp packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX symbolic link symlink following.CVE-2020-15861 - Net-SNM...

CVSS 7.8 · AI score 7.1 · EPSS 0.00433
Exploits: 0 · References: 3

Tenable Nessus
added 2021/03/04 12:0 a.m. · 35 views

EulerOS Virtualization for ARM 64 3.0.6.0 : net-snmp (EulerOS-SA-2021-1550)

According to the versions of the net-snmp packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Net-SNMP through 5.7.3 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the...

CVSS 7.8 · AI score 7.1 · EPSS 0.00433
Exploits: 0 · References: 3

Positive Technologies
added 2021/03/04 12:0 a.m. · 3 views

PT-2021-7754 · Stb +3

Name of the Vulnerable Software and Affected Versions: stb versions 2.26 Description: The issue is related to a buffer overflow vulnerability in the stbi__extend_receive function of the stb_image.h component in the stb library for C/C++. This vulnerability can be exploited by a remote attacker usi...

CVSS 9.3 · AI score 6.2 · EPSS 0.01116
Exploits: 6 · References: 77

OSV
added 2021/02/19 12:0 p.m. · 16 views

RUSTSEC-2021-0048 StackVec::extend can write out of bounds when size_hint is incorrect

StackVec::extend used the lower and upper bounds from an Iterator's size_hint to determine how many items to push into the stack based vector. If the size_hint implementation returned a lower bound that was larger than the upper bound, StackVec would write out of bounds and overwrite memory on the...

CVSS 7.3 · AI score 7.2 · EPSS 0.00765
Exploits: 1 · References: 3

RustSec
added 2021/02/19 12:0 p.m. · 22 views

StackVec::extend can write out of bounds when size_hint is incorrect

StackVec::extend used the lower and upper bounds from an Iterator's size_hint to determine how many items to push into the stack based vector. If the size_hint implementation returned a lower bound that was larger than the upper bound, StackVec would write out of bounds and overwrite memory on the...

CVSS 7.5 · AI score 2.8 · EPSS 0.00765
Exploits: 1 · Affected Software: 1

RedHat Linux
added 2021/02/16 2:25 p.m. · 2 views

nodejs-deep-extend: Prototype pollution can allow attackers to modify object properties

The utilities function in all versions = 0.5.0 of the deep-extend node module can be tricked into modifying the prototype of Object when the attacker can control part of the structure passed to this function. This can let an attacker add or modify existing properties that will exist on all object...

CVSS 9.8 · AI score 7.3 · EPSS 0.00293
Exploits: 1 · References: 6

RedHat Linux
added 2021/02/16 8:47 a.m. · 1 views

net-snmp: Improper Privilege Management in EXTEND MIB may lead to privileged commands execution

A flaw was found in Net-SNMP through version 5.73, where an Improper Privilege Management issue occurs due to SNMP WRITE access to the EXTEND MIB allows running arbitrary commands as root. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

CVSS 7.8 · AI score 6.9 · EPSS 0.00118
Exploits: 0 · References: 4

Tenable Nessus
added 2021/02/16 12:0 a.m. · 42 views

RHEL 7 : net-snmp (RHSA-2021:0525)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0525 advisory. The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol SNMP, including an SNMP library, an extensible...

CVSS 7.8 · AI score 7 · EPSS 0.00118
Exploits: 0 · References: 4

RedHat Linux
added 2021/02/11 1:37 p.m. · 4 views

nodejs-deep-extend: Prototype pollution can allow attackers to modify object properties

The utilities function in all versions = 0.5.0 of the deep-extend node module can be tricked into modifying the prototype of Object when the attacker can control part of the structure passed to this function. This can let an attacker add or modify existing properties that will exist on all object...

CVSS 9.8 · AI score 7.3 · EPSS 0.00293
Exploits: 1 · References: 6

Veracode
added 2021/02/05 4:33 a.m. · 10 views

Prototype Pollution

decal is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as __proto__, constructor and prototype via the extend function...

CVSS 8.6 · AI score 4.3 · EPSS 0.004
Exploits: 1 · References: 3 · Affected Software: 1