PT-2025-22862 · Docarray · Docarray

Name of the Vulnerable Software and Affected Versions: docarray versions up to 0.40.1 Description: A critical issue affects the getitem function of the /docarray/data/torch dataset.py file in the Web API component. This issue leads to improperly controlled modification of object prototype...

Information Disclosure

AccessControl is vulnerable to Information Disclosure. The vulnerability is due to the formatmap function which allows attackers controlling the format string to read objects accessible via getattr and getitem which can result a critical information disclosure...

GHSA-8XV7-89VJ-Q48C Information disclosure in AccessControl

Impact Python's "format" functionality allows someone controlling the format string to "read" objects accessible recursively via attribute access and subscription from accessible objects. Those attribute accesses and subscriptions use Python's full blown getattr and getitem, not the policy...

SUSE CVE-2023-31518

A heap use-after-free in the component CDataFileReader::GetItem of teeworlds v0.7.5 allows attackers to cause a Denial of Service DoS via a crafted map file...

DEBIAN-CVE-2023-31518

A heap use-after-free in the component CDataFileReader::GetItem of teeworlds v0.7.5 allows attackers to cause a Denial of Service DoS via a crafted map file...

CVE-2023-31518

A heap use-after-free in the component CDataFileReader::GetItem of teeworlds v0.7.5 allows attackers to cause a Denial of Service DoS via a crafted map file...

CVE-2023-31518

A heap use-after-free in the component CDataFileReader::GetItem of teeworlds v0.7.5 allows attackers to cause a Denial of Service DoS via a crafted map file...

CVE-2023-31518

A heap use-after-free in the component CDataFileReader::GetItem of teeworlds v0.7.5 allows attackers to cause a Denial of Service DoS via a crafted map file...

UBUNTU-CVE-2023-31518

A heap use-after-free in the component CDataFileReader::GetItem of teeworlds v0.7.5 allows attackers to cause a Denial of Service DoS via a crafted map file...

Heap overflow

A heap use-after-free in the component CDataFileReader::GetItem of teeworlds v0.7.5 allows attackers to cause a Denial of Service DoS via a crafted map file...

Teeworlds 资源管理错误漏洞

Teeworlds is a multiplayer online shooter. A security vulnerability exists in Teeworlds version v0.7.5, which originates in the component CDataFileReader::GetItem that allows for post-release reuse, allowing an attacker to cause a denial of service DoS via a crafted mapping file...

CVE-2023-31518

A heap use-after-free in the component CDataFileReader::GetItem of teeworlds v0.7.5 allows attackers to cause a Denial of Service DoS via a crafted map file...

CVE-2023-31518

The CVE-2023-31518 entry concerns teeworlds v0.7.5, where a heap use-after-free in CDataFileReader::GetItem can be triggered by a crafted map file to cause a Denial of Service. The connected sources confirm the affected component and failure mode but do not provide patch details or fixed versions...

CVE-2023-31518

A heap use-after-free in the component CDataFileReader::GetItem of teeworlds v0.7.5 allows attackers to cause a Denial of Service DoS via a crafted map file...

SUSE CVE-2019-6445

An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntpcontrol.c, related to ctlgetitem...

SUSE CVE-2019-6443

An issue was discovered in NTPsec before 1.1.3. Because of a bug in ctlgetitem, there is a stack-based buffer over-read in readsysvars in ntpcontrol.c in ntpd...

CVE-2022-4773

UNSUPPORTED WHEN ASSIGNED A vulnerability classified as problematic was found in cloudsync. Affected by this vulnerability is the function getItem of the file src/main/java/cloudsync/connector/LocalFilesystemConnector.java. The manipulation leads to path traversal. It is possible to launch the...

Path traversal

UNSUPPORTED WHEN ASSIGNED A vulnerability classified as problematic was found in cloudsync. Affected by this vulnerability is the function getItem of the file src/main/java/cloudsync/connector/LocalFilesystemConnector.java. The manipulation leads to path traversal. It is possible to launch the...

cloudsync 路径遍历漏洞

cloudsync is a complete backup solution for private data by Holger Hees personal developer. Incrementally synchronize local filesystems on linux, windows and osx and encrypt to rsync using google drive simliar. A path traversal vulnerability exists in cloudsync, which stems from a problem with th...

PT-2022-28084 · Cloudsync · Cloudsync

Name of the Vulnerable Software and Affected Versions: cloudsync affected versions not specified Description: A problematic vulnerability was found in cloudsync, affecting the getItem function of the LocalFilesystemConnector.java file. This vulnerability leads to path traversal and can be exploit...