3 matches found
Cross-site Request Forgery (CSRF)
Overview Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via spreeauthdevise. Note: The package is affected only if protectfromforgery method is both: 1 Executed whether as: a A beforeaction callback the default b A prependbeforeaction option prepend: true give...
UBUNTU-CVE-2020-28595
An out-of-bounds write vulnerability exists in the Obj.cpp loadobj functionality of Prusa Research PrusaSlicer 2.2.0 and Master commit 4b040b856. A specially crafted obj file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2018-13844
An issue has been found in HTSlib 1.8. It is a memory leak in fairead in faidx.c. NOTE: This has been disputed with the assertion that this vulnerability exists in the test harness and HTSlib users would be aware of the need to destruct this object returned by faiload in their own code...