Lucene search
K

5 matches found

SUSE CVE
SUSE CVE
added 2025/02/14 5:49 a.m.10 views

SUSE CVE-2024-2746

Incomplete fix for CVE-2024-1929 The problem with CVE-2024-1929 was that the dnf5 D-Bus daemon accepted arbitrary configuration parameters from unprivileged users, which allowed a local root exploit by tricking the daemon into loading a user controlled "plugin". All of this happened before Polkit...

8.8CVSS6.8AI score0.00213EPSS
Exploits1References3
NVD
NVD
added 2022/07/25 2:15 p.m.17 views

CVE-2020-28461

This affects the package js-ini before 1.3.0. If an attacker submits a malicious INI file to an application that parses it with parse , they will pollute the prototype on the application. This can be exploited further depending on the context...

9.8CVSS0.00984EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/07/25 2:6 p.m.22 views

CVE-2020-28441 Prototype Pollution

This affects the package conf-cfg-ini before 1.2.2. If an attacker submits a malicious INI file to an application that parses it with decode, they will pollute the prototype on the application. This can be exploited further depending on the context...

7.3CVSS9.4AI score0.00984EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/07/25 12:0 a.m.6 views

PT-2022-8895 · Unknown · Conf-Cfg-Ini

Name of the Vulnerable Software and Affected Versions: conf-cfg-ini versions prior to 1.2.2 Description: The issue arises when an attacker submits a malicious INI file to an application that parses it with decode, resulting in prototype pollution on the application. This can be exploited further...

9.8CVSS9.3AI score0.00984EPSS
Exploits1References9
securityvulns
securityvulns
added 2002/10/03 12:0 a.m.40 views

MySQL Windows buffer overflow

Buffer overflow on .ini-file parsing...

4.6AI score
Exploits0References1Affected Software1
Rows per page
Query Builder