5610 matches found
GHSA-8VR4-H4RR-8PH6 MiguelCastillo @bit/loader Prototype Pollution issue
A Prototype Pollution issue in MiguelCastillo @bit/loader v.10.0.3 allows an attacker to execute arbitrary code via the M function e argument in index.js...
CVE-2024-24293
A Prototype Pollution issue in MiguelCastillo @bit/loader v.10.0.3 allows an attacker to execute arbitrary code via the M function e argument in index.js...
CVE-2024-24293
A Prototype Pollution issue in MiguelCastillo @bit/loader v.10.0.3 allows an attacker to execute arbitrary code via the M function e argument in index.js...
CVE-2024-24293
A Prototype Pollution issue in MiguelCastillo @bit/loader v.10.0.3 allows an attacker to execute arbitrary code via the M function e argument in index.js...
CVE-2024-24293
CVE-2024-24293 affects MiguelCastillo @bit/loader (version 10.0.3). The root cause is a prototype pollution flaw in the M function’s e argument within index.js, enabling arbitrary code execution. Exploitation status is not detailed in the provided documents. Remediation guidance from PT-Security ...
bit-loader 安全漏洞
bit-loader is a framework for building module loaders by the individual developer Miguel Castillo. A security vulnerability exists in bit-loader-babel version v.10.0.3, which originated from a vulnerability that allows an attacker to execute arbitrary code via the M function e parameter in index....
PT-2024-20340 · Unknown · @Bit/Loader
Name of the Vulnerable Software and Affected Versions: @bit/loader version 10.0.3 Description: A Prototype Pollution issue allows an attacker to execute arbitrary code via the M function e argument in index.js. Recommendations: For version 10.0.3, consider disabling the M function until a patch i...
SUSE CVE-2024-27413
In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with sizeofvoid on 32-bit architectures is not enough for a 64-bit physaddrt: drivers/firmware/efi/capsule-loader.c: In function 'eficapsuleopen...
CVE-2024-27413
In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with sizeofvoid on 32-bit architectures is not enough for a 64-bit physaddrt: drivers/firmware/efi/capsule-loader.c: In function 'eficapsuleopen...
CVE-2024-27413
In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with sizeofvoid on 32-bit architectures is not enough for a 64-bit physaddrt: drivers/firmware/efi/capsule-loader.c: In function 'eficapsuleopen...
DEBIAN-CVE-2024-27413
In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with sizeofvoid on 32-bit architectures is not enough for a 64-bit physaddrt: drivers/firmware/efi/capsule-loader.c: In function 'eficapsuleopen...
CVE-2024-27413
In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with sizeofvoid on 32-bit architectures is not enough for a 64-bit physaddrt: drivers/firmware/efi/capsule-loader.c: In function 'eficapsuleopen...
UBUNTU-CVE-2024-27413
In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with sizeofvoid on 32-bit architectures is not enough for a 64-bit physaddrt: drivers/firmware/efi/capsule-loader.c: In function 'eficapsuleopen...
CVE-2024-27413
CVE-2024-27413 is a Linux kernel vulnerability affecting the EFI capsule loader. The defect occurs in drivers/firmware/efi/capsule-loader.c during efi_capsule_open, where an allocation uses sizeof(void*) for a phys_addr_t on 32-bit builds, leading to insufficient allocation size (4 bytes vs 8). T...
CVE-2024-27413 efi/capsule-loader: fix incorrect allocation size
In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with sizeofvoid on 32-bit architectures is not enough for a 64-bit physaddrt: drivers/firmware/efi/capsule-loader.c: In function 'eficapsuleopen...
CVE-2024-27413 efi/capsule-loader: fix incorrect allocation size
In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with sizeofvoid on 32-bit architectures is not enough for a 64-bit physaddrt: drivers/firmware/efi/capsule-loader.c: In function 'eficapsuleopen...
CVE-2024-27413
In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with sizeofvoid on 32-bit architectures is not enough for a 64-bit physaddrt: drivers/firmware/efi/capsule-loader.c: In function 'eficapsuleopen...
CVE-2024-27413 efi/capsule-loader: fix incorrect allocation size
In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with sizeofvoid on 32-bit architectures is not enough for a 64-bit physaddrt: drivers/firmware/efi/capsule-loader.c: In function 'eficapsuleopen...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an incorrect memory allocation in the efi/capsule-loader module...
VulnCheck KEV: CVE-2021-45467
In CWP aka Control Web Panel or CentOS Web Panel before 0.9.8.1107, an unauthenticated attacker can use %00 bytes to cause /user/loader.php to register an arbitrary API key, as demonstrated by a /user/loader.php?api=1&scripts= .%00./.%00./api/accountnewcreate&acc=guadaapi URI. Any number of...