CVE-2023-34669
TOTOLINK CP300+ V5.2cu.7594 contains a Denial of Service vulnerability in function RebootSystem of the file lib/cstemodules/system which can reboot the system...
Denial of service
TOTOLINK CP300+ V5.2cu.7594 contains a Denial of Service vulnerability in function RebootSystem of the file lib/cstemodules/system which can reboot the system...
GO-2023-1733 Timing attack from non-constant time scalar arithmetic in github.com/bnb-chain/tss-lib
Timing attack from non-constant time scalar arithmetic in github.com/bnb-chain/tss-lib...
GO-2023-1867 Replay attacks involving proofs in github.com/bnb-chain/tss-lib
Replay attacks involving proofs in github.com/bnb-chain/tss-lib...
Security Bulletin: IBM Match 360 is vulnerable to Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes (CVE-2020-14422)
Summary: Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or...
app.cash.backfila:client-misk (>=0.1.0 <=2023.11.24.141218-0357917), app.cash.backfila:client-misk-dynamodb (>=0.1.3-20210127.1838-76ab4fc <=0.1.4-20210806.0204-5341f38) +1456 more potentially affected by CVE-2023-33201 via org.bouncycastle:bcprov-ext-jdk15on (>=1.49 <=1.70)
org.bouncycastle:bcprov-ext-jdk15on MAVEN version =1.49, =0.1.0, =0.1.3-20210127.1838-76ab4fc, =0.1.3-20210127.1838-76ab4fc, =0.1.3-20210805.0116-93702c4, =0.1.3-20210805.0116-93702c4, =0.1.0, =2023.06.07.114626-93b9d6f, =0.1.0, =0.1.4-20220614.0152-5ae0eef, =3.0.1, =2.10.0-11-1, =1.1.5, =1.0.2,...
urlnorm security vulnerability
urlnorm is a URL normalization library for Rust, open-sourced by progscrape. urlnorm version 0.1.4 and earlier contain a vulnerability that allows a regular expression denial of service (ReDoS) via a crafted lib.rs URL...
CVE-2023-34880
CmsEasy v7.7.7.7 20230520 was discovered to contain a path traversal vulnerability via the add_action method at lib/admin/language_admin.php. This vulnerability allows attackers to execute arbitrary code and perform a local file inclusion...
cyfs-chunk-lib (=0.5.0), cyfs-cip (>=0.5.0 <=0.6.4) +1 more potentially affected by unknown CVE via cyfs-base (>=0.5.5 <=0.6.12)
cyfs-base CARGO version =0.5.5, =0.5.0, =0.6.4 - cyfs-core =0.5.0 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2023-0046...
CVE-2023-34880
CVE-2023-34880 affects CmsEasy CMS v7.7.7.7 (20230520) and is caused by a path traversal vulnerability in the add_action method of lib/admin/language_admin.php. The issue allows an attacker to execute arbitrary code and perform local file inclusion (LFI). Documents indicate high-severity impact (...
utlib.ut.ee Cross Site Scripting vulnerability OBB-3381188
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
K000134818: Python XML RPC vulnerability CVE-2019-16935
Security Advisory Description: The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with...
RHEL 8 : python39:3.9 and python39-devel:3.9 (RHSA-2023:2764)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2764 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...
Huawei EulerOS: Security Advisory for emacs (EulerOS-SA-2023-1887)
The remote host is missing an update for the Huawei EulerOS...
The vulnerability of the _copy_from_user() function in the lib/usercopy.c module of the Linux kernel allows a hacker to disclose protected information.
The vulnerability of the _copy_from_user() function in the lib/usercopy.c module of the Linux kernel is related to the characteristics of the branch prediction module's operation. Exploiting this vulnerability allows an attacker to gain access to protected memory from a program that does not have the...
CVE-2023-29778
GL.iNET MT3000 4.1.0 Release 2 is vulnerable to OS Command Injection via /usr/lib/oui-httpd/rpc/logread...
CVE-2023-29778
GL.iNET MT3000 4.1.0 Release 2 is documented as vulnerable to an OS Command Injection via the /usr/lib/oui-httpd/rpc/logread endpoint. The affected component is the logread handler in the oui-httpd path; CVSS v3.1 metrics indicate a critical impact (CRITICAL, 9.8) affecting confidentiality, integ...
EulerOS Virtualization 2.9.0 : emacs (EulerOS-SA-2023-1669)
According to the versions of the emacs package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because...
ape-safe (=0.6.0), ape-vyper (>=0.7.1 <=0.8.3) +19 more potentially affected by CVE-2023-30629 via vyper (>=0.3.1 <=0.3.7)
vyper PYPI version =0.3.1, =0.7.1, =0.5.0, =0.5.0, =0.2.0, =0.1.0, =0.7.2, =0.1.10.0, =1.0.1, =0.1.0, =1.17.2, =0.0.0, =0.6.0, =2.0.0a1, =2.2.4 and more Source cves: CVE-2023-30629 Source advisory: OSV:GHSA-W9G2-3W7P-72G9...