4166 matches found
CVE-2022-41404
An issue in the fetch method in the BasicProfile class of org.ini4j through version v0.5.4 allows attackers to cause a Denial of Service (DoS) via unspecified vectors...
org.ini4j security vulnerability
org.ini4j is a collection of Online Gambling Agents, Online Togel, Online Poker, Online Casino, Soccer Gambling, Online Slots. A security vulnerability exists in versions prior to org.ini4j v0.5.4 that stems from a problem with the fetch method in the BasicProfile class that allows an attacker to...
Important: Red Hat Security Advisory: Service Registry (container images) release and security update [2.3.0.GA]
An update to the images for Red Hat Integration Service Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact o...
node-fetch: exposure of sensitive information to an unauthorized actor
A flaw was found in node-fetch. When following a redirect to a third-party domain, node-fetch was forwarding sensitive headers such as "Authorization," "WWW-Authenticate," and "Cookie" to potentially untrusted targets. This flaw leads to the exposure of sensitive information to an unauthorized...
cross-fetch: Exposure of Private Personal Information to an Unauthorized Actor
A flaw was found in the cross-fetch library when fetching a remote URL with a cookie when it gets to the Location response header. This flaw allows an attacker to hijack the account as the cookie is leaked...
Blog2Social < 6.9.10 - Subscriber+ SQLi
The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by any authenticated user, such as a subscriber. PoC: Run the script below in the web browser console while being logged in as a subscriber and on the Blog2Social...
CVE-2022-41844
An issue was discovered in Xpdf 4.04. There is a crash in XRef::fetch(int, int, Object*, int) in xpdf/XRef.cc, a different vulnerability than CVE-2018-16369 and CVE-2019-16088...
Design/Logic Flaw
An issue was discovered in Xpdf 4.04. There is a crash in XRef::fetch(int, int, Object*, int) in xpdf/XRef.cc, a different vulnerability than CVE-2018-16369 and CVE-2019-16088...
UBUNTU-CVE-2022-41844
An issue was discovered in Xpdf 4.04. There is a crash in XRef::fetch(int, int, Object*, int) in xpdf/XRef.cc, a different vulnerability than CVE-2018-16369 and CVE-2019-16088...
CVE-2022-41844
CVE-2022-41844 affects Xpdf 4.04, causing a crash in XRef::fetch(int, int, Object*, int) (xpdf/XRef.cc). It is distinguished from CVE-2018-16369 and CVE-2019-16088. Several advisories note fixes/upgrades; for mitigation, upgrading to a newer Xpdf version is recommended (e.g., >=app-text/xpdf-4...
MAL-2022-3012 Malicious code in fetch-safer (npm)
Source: ghsa-malware (cf1dfb3a2d6ecc40cc3b0b3fcfd3a2e700e4c55872a0cbf2d1094ee714202f24). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in fetch-safer (npm)
Source: ghsa-malware (cf1dfb3a2d6ecc40cc3b0b3fcfd3a2e700e4c55872a0cbf2d1094ee714202f24). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
OESA-2022-1950 ansible security update
Security Fixes: A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior: when a password is set with the argument "password" of the svn module, it is used on the svn command line, disclosing it to other users within the same node. An attacker could take advantage by reading the...