186 matches found
Malicious code in focal-todomvc (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 16b67b7a3687f16911a077102bd98fe5720d14993c8093d88351c3036f11b73f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-3090 Malicious code in focal-todomvc (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 16b67b7a3687f16911a077102bd98fe5720d14993c8093d88351c3036f11b73f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Privilege Escalation
linux-gcp:focal is vulnerable to privilege escalation. The vulnerability exists in afllc.c which allows an attacker to craft and inject malicious attacks...
CVE-2022-26981
Liblouis through 3.21.0 has a buffer overflow in compilePassOpcode in compileTranslationTable.c called, indirectly, by tools/louchecktable.c...
Divide By Zero
speex:focal is vulnerable to a Divide by Zero vulnerability. The function static int readsamples allows attackers to cause a denial of service DoS via a crafted WAV file...
Heap-based Buffer Overflow in gpac/gpac
Description Heap-based Buffer Overflow in gpac Proof of Concept Version: MP4Box - GPAC version 1.1.0-DEV-rev1659-g7d3281e88-master c 2000-2022 Telecom Paris distributed under LGPL v2.1+ - http://gpac.io Please cite our work in your research: GPAC Filters: https://doi.org/10.1145/3339825.3394929...
Classic Buffer Overflow in gpac/gpac
Description Buffer Overflow in gpac Proof of Concept Version: MP4Box - GPAC version 1.1.0-DEV-rev1647-gb6f68145e-master c 2000-2022 Telecom Paris distributed under LGPL v2.1+ - http://gpac.io Please cite our work in your research: GPAC Filters: https://doi.org/10.1145/3339825.3394929 GPAC:...
CVE-2021-45087
XSS can occur in GNOME Web aka Epiphany before 40.4 and 41.x before 41.1 when View Source mode or Reader mode is used, as demonstrated by a a page title...
CVE-2021-4019
vim is vulnerable to Heap-based Buffer Overflow...
Denial-of-service (DoS)
systemd:focal is vulnerable to denial-of-service. The vulnerability exists in DHCP client which allows an attacker to send a specially crafted DHCP FORCERENEW packet causing an application crash...
Arbitrary File Read
apport:focal is vulnerable to arbitary file read due to a flaw in the function addinfo...
Microsoft Hyper-V 远程代码执行漏洞(CVE-2021-28476)
CVE-2021-28476: a guest-to-host "Microsoft Hyper-V Remote Code Execution Vulnerability" in vmswitch.sys. This is a proof of concept for CVE-2021-28476 "Hyper-V Remote Code Execution Vulnerability", an arbitrary memory read in vmswitch.sys Network virtualization service provider patched by Microso...
Exploit for CVE-2021-28476
CVE-2021-28476: a guest-to-host "Microsoft Hyper-V Remote Code...
Denial Of Service (DoS)
chromium-browser:focal is vulnerable to denial of service DoS. Heap-based buffer overflow in j2k.c in OpenJPEG allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid JPEG2000 data in a PDF document...
CVE-2020-16220
In Patient Information Center iX PICiX Versions C.02, C.03, PerformanceBridge Focal Point Version A.01, the product receives input that is expected to be well-formed i.e., to comply with a certain syntax but it does not validate or incorrectly validates that the input complies with the syntax,...
CVE-2020-16220
In Patient Information Center iX PICiX Versions C.02, C.03, PerformanceBridge Focal Point Version A.01, the product receives input that is expected to be well-formed i.e., to comply with a certain syntax but it does not validate or incorrectly validates that the input complies with the syntax,...
Input validation
In Patient Information Center iX PICiX Versions C.02, C.03, PerformanceBridge Focal Point Version A.01, the product receives input that is expected to be well-formed i.e., to comply with a certain syntax but it does not validate or incorrectly validates that the input complies with the syntax,...
CVE-2020-16222
In Patient Information Center iX PICiX Version B.02, C.02, C.03, and PerformanceBridge Focal Point Version A.01, when an actor claims to have a given identity, the software does not prove or insufficiently proves the claim is correct...
CVE-2020-16228
In Patient Information Center iX PICiX Versions C.02 and C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX550, MX750, MX850, and IntelliVue X3 Versions N and prior, the software does not check or incorrectly checks the revocation status of a certificate...
CVE-2020-16222
In Patient Information Center iX PICiX Version B.02, C.02, C.03, and PerformanceBridge Focal Point Version A.01, when an actor claims to have a given identity, the software does not prove or insufficiently proves the claim is correct...