132 matches found
CVE-2022-36862
A heap-based overflow vulnerability in HWR::EngineCJK::Impl::Construct in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault...
CVE-2022-35121
Novel-Plus v3.6.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /service/impl/BookServiceImpl.java...
Malicious code in @bmw-ispi-workplace/dms-impl (npm)
Source: ghsa-malware 6898e8320468b4c586b03d0d2846a7e478816d08de35b21e51f3c6bc1d3a1324 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ui-sfdc-javascript-impl (npm)
Source: ghsa-malware e014b3d7a9c682041c47e65f5c0c327fed3a54fa614920a8f64c09876b7e90ac Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-6756 Malicious code in ui-sfdc-javascript-impl (npm)
Source: ghsa-malware e014b3d7a9c682041c47e65f5c0c327fed3a54fa614920a8f64c09876b7e90ac Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
audir (=0.1.0), com-impl (>=0.1.0 <=0.1.1) +6 more potentially affected by CVE-2021-45681 via derive-com-impl (=0.1.1)
derive-com-impl CARGO version =0.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on derive-com-impl and may be impacted: - audir =0.1.0 - com-impl =0.1.0, =0.3.0-alpha1, =0.3.0-alpha1, =0.3.0-alpha4 - dxgi =0.3.0-alpha4 - wic =0.3.0-alpha1 Source cves...
com.nirima:docker-plugin (>=0.17 <=1.0.4), com.testinium.jenkins:testinium (=1.0) +37 more potentially affected by CVE-2019-1010241 via org.jenkins-ci.plugins:credentials-binding (>=1.10 <=1.16)
org.jenkins-ci.plugins:credentials-binding MAVEN version =1.10, =0.17, =1.0.43, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =0.1-preview-1, =1.2.7, =0.1.0, =0.1.1, =0.4.2 and more Source cves: CVE-2019-1010241 Source advisory: SNYK:JAVA-ORGJENKINSCIPLUGINS-9402853...
au.com.permeance:liferay-clojure-integration (=0.1), com.liferay.maven.plugins:liferay-maven-plugin (>=6.0.2 <=6.0.6) +6 more potentially affected by CVE-2010-5327 via com.liferay.portal:portal-impl (>=5.2.3 <=6.2.1)
com.liferay.portal:portal-impl MAVEN version =5.2.3, =6.0.2, =6.1.2, =5.2.3, =2.4, =1.0, =2.0, =2.5 Source cves: CVE-2010-5327 Source advisory: OSV:GHSA-97GM-MCV6-CPHM...
com.github.httpmock:mock-http-server-junit (>=1.0.0 <=1.1.5), com.github.httpmock:mock-http-server-standalone (>=1.0.0 <=1.1.9) +41 more potentially affected by CVE-2011-4367 via org.apache.myfaces.core:myfaces-impl (>=2.1.0 <=2.1.5)
org.apache.myfaces.core:myfaces-impl MAVEN version =2.1.0, =1.0.0, =1.0.0, =0.9.5, =0.9.6, =0.9.6, =2.4.2, =2.1.0, =2.1.0, =2.1.3, =2.1.3, =2.1.3, =2.1.3, =1.0.1, =1.5.1, =1.5.1, =1.7.5 and more Source cves: CVE-2011-4367 Source advisory: OSV:GHSA-GJFX-9WX3-J6R7...
MariaDB Resource Management Error Vulnerability
MariaDB is a free and open source database management system from the MariaDB Foundation and a branch version of MySQL that uses the Maria storage engine. A memory misquote vulnerability exists in MariaDB v10.6.3 and lower, which originates in the /strings/ctype-simple.c component my...
CVE-2021-39803
In Impl of C2AllocatorIon.cpp, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10 Android-11 Android-12...
Google Android Code Issue Vulnerability
Google Android is a Linux-based open source operating system from Google, Inc. A denial-of-service vulnerability exists in Google Android, which stems from a possible crash in the re-initialization of HeifDecoderImpl.cpp due to a missing null check. A remote attacker could exploit the vulnerabili...
ASB-A-193790350
In Impl of C2AllocatorIon.cpp, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...
AZL-8603 CVE-2022-25235 affecting package expat for versions less than 2.4.8-1
xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context...
GHSA-W4CC-PC2H-WHCJ Out-of-bounds Write in derive-com-impl
An issue was discovered in the derive-com-impl crate before 0.1.2 for Rust. An invalid reference and memory corruption can occur because AddRef might not be called before returning a pointer...
Out-of-bounds Write in derive-com-impl
An issue was discovered in the derive-com-impl crate before 0.1.2 for Rust. An invalid reference and memory corruption can occur because AddRef might not be called before returning a pointer...
CVE-2021-45681
An issue was discovered in the derive-com-impl crate before 0.1.2 for Rust. An invalid reference and memory corruption can occur because AddRef might not be called before returning a pointer...
Memory corruption
An issue was discovered in the derive-com-impl crate before 0.1.2 for Rust. An invalid reference and memory corruption can occur because AddRef might not be called before returning a pointer...
Rust Buffer Error Vulnerability
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in versions of Rust derive-com-impl crate prior to 0.1.2, which may result in invalid references and memory corruption...
CVE-2021-45681
An issue was discovered in the derive-com-impl crate before 0.1.2 for Rust. An invalid reference and memory corruption can occur because AddRef might not be called before returning a pointer...