PT-2022-12393 · Gpac · Gpac

Name of the Vulnerable Software and Affected Versions: GPAC version 1.1.0 Description: The issue is related to an invalid call in the gf node changed function, which can lead to a Denial of Service DoS. Recommendations: For GPAC version 1.1.0, consider disabling the gf node changed function as a...

CVE-2020-23890

A buffer overflow in WildBit Viewer v6.6 allows attackers to cause a denial of service DoS via a crafted JPG file. Related to Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at JPGCodec+0x753648...

Denial Of Service (DoS)

vyper is vulnerable to denial of service. The vulnerability exits due to an incorrect pointer pointed to the top of the stack when performing a function call inside a literal struct, allowing a malicious user to cause an application crash...

CVE-2021-41121

Vyper is a Pythonic Smart Contract Language for the EVM. In affected versions when performing a function call inside a literal struct, there is a memory corruption issue that occurs because of an incorrect pointer to the the top of the stack. This issue has been resolved in version 0.3.0...

PYSEC-2021-365

Vyper is a Pythonic Smart Contract Language for the EVM. In affected versions when performing a function call inside a literal struct, there is a memory corruption issue that occurs because of an incorrect pointer to the the top of the stack. This issue has been resolved in version 0.3.0...

CVE-2021-39257

A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain starting from ntfsattrpwrite, causing stack consumption in NTFS-3G 2021.8.22...

CVE-2021-33684

SAP NetWeaver AS ABAP and ABAP Platform, versions - KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 8.04, 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 8.04, 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.53, 7.77,...

CVE-2021-27610

SAP NetWeaver ABAP Server and ABAP Platform, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 804, does not create information about internal and external RFC user in consistent and distinguished format, which could lead to improper authentication and may be exploited by maliciou...

PT-2021-17568 · Sap · Sap Netweaver As Abap

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS for ABAP RFC Gateway versions 7.22 through 7.83 Description: The issue allows an unauthenticated attacker without specific knowledge of the system to send a specially crafted packet over a network, triggering an internal erro...

addRegistrationTributeGovernance shoud call_addGovernanceTribute ?

Handle gpersoon Vulnerability details Impact The function addRegistrationTributeGovernance makes a call to addTribute, the same as addRegistrationTribute is doing However a function addGovernanceTribute also exists and this function is never called. It seem more logical that...

Integer overflow in CipherUpdate

Calls to EVPCipherUpdate, EVPEncryptUpdate and EVPDecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 indicating succes...

PT-2020-17372 · Mediawiki +1 · Mediawiki +2

Name of the Vulnerable Software and Affected Versions: MediaWiki versions through 1.35.1 Widgets extension for MediaWiki versions through 1.35.1 Description: An issue was discovered in the Widgets extension for MediaWiki, where any user with the ability to edit pages within the Widgets namespace...

ALPINE-CVE-2020-29362

An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap-based buffer over-read has been discovered in the RPC protocol used by thep11-kit server/remote commands and the client library. When the remote entity supplies a byte array through a serialized PKCS11 function call, the receiving...

PT-2020-16516 · Sap · Sap As Abap +1

Name of the Vulnerable Software and Affected Versions: SAP AS ABAP SAP Landscape Transformation versions 2011 1 620 through 2020 SAP S4 HANA SAP Landscape Transformation versions 101 through 105 Description: The issue allows a high privileged user to execute a RFC function module to which access...

OS Command Injection

gfc is vulnerable to OS command injection. The vulnerability exists through the lack of sanitization of the options argument which leads to passing of untrusted user input to an exec function call...

Security & Malware scan by CleanTalk < 2.51 - Security Nonce Leak leading to Unauthorised AJAX call

Security nonce leak, allowing any authenticated users such as subscribers to make unauthorised AJAX call which could lead to arbitrary file deletion/download and function call. Note WPScanTeam: We do not consider the issue fully remediated, as the AJAX calls rely on CSRF check for authorisation,...

CVE-2020-7950

meshsystem.dll in Valve Dota 2 before 7.23f allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is mishandled during a vulnerable function call...

CVE-2020-7950

meshsystem.dll in Valve Dota 2 before 7.23f allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is mishandled during a vulnerable function call...

CVE-2019-16277

PicoC 2.1 has a heap-based buffer overflow in StringStrcpy in cstdlib/string.c when called from ExpressionParseFunctionCall in expression.c...

Local File Inclusion

larvitbase-www is vulnerable to local file inclusion. The package uses an exposed API endpoint that accepts an unvalidated GET parameter to a require function call. This could potentially allow a remote attacker to execute any .js files within the web server. Successful exploitation causes the...