DEBIAN-CVE-2022-30790

Das U-Boot 2022.01 has a Buffer Overflow, a different issue than CVE-2022-30552...

Das U-Boot 缓冲区错误漏洞

Das U-Boot is a boot loader program mainly for embedded systems. The program supports many different computer system architectures such as PPC, ARM, AVR32, MIPS, x86, 68k, Nios and MicroBlaze. A security vulnerability exists in Das U-Boot 2022.01 and earlier versions, which stems from the...

CVE-2022-30738

Improper check in Loader in Samsung Internet prior to 17.0.1.69 allows attackers to spoof address bar via executing script...

CVE-2022-30738

Improper check in Loader in Samsung Internet prior to 17.0.1.69 allows attackers to spoof address bar via executing script...

CVE-2022-30738

Improper check in Loader in Samsung Internet prior to 17.0.1.69 allows attackers to spoof address bar via executing script...

Input validation

Improper check in Loader in Samsung Internet prior to 17.0.1.69 allows attackers to spoof address bar via executing script...

grub2 数据伪造问题漏洞

grub2 is a Linux system boot program from the US GNU community. A data forgery issue vulnerability exists in grub2 that stems from the shimlock validator allowing non-kernel files to be loaded...

grub2 缓冲区错误漏洞

grub2 is a Linux system boot program from the US GNU community. A buffer error vulnerability exists in grub2 that stems from an out-of-bounds write when handling split HTTP headers...

Heap-Based Buffer Overflow

blender is vulnerable to heap-based buffer overflow. The vulnerability exists due to missing bounds check in the image loader which leads to out-of-bounds heap access, allowing an attacker to cause denial of service, memory corruption or potentially code execution...

The vulnerability of the CGM_NIST_Loader.dll library, a tool for 3D JT and JT2Go viewing, as well as the Teamcenter Visualization lifecycle management system, allows attackers to execute arbitrary code.

The vulnerability of the CGMNISTLoader.dll library, used by the 3D JT and JT2Go visualization tools, as well as the Teamcenter Visualization lifecycle management system, stems from the use of an uninitialized pointer during syntax analysis of CGM files. Exploiting this vulnerability allows...

Fuji Electric Alpha7 PC Loader 缓冲区错误漏洞

Fuji Electric Alpha7 PC Loader is a motor controller from Fuji Electric Japan. A security vulnerability exists in all versions of Fuji Electric Alpha7 PC Loader, which is caused by a stack-based buffer overflow. An attacker can exploit the vulnerability to execute arbitrary code...

PT-2022-3926 · Unknown · Alpha7 Pc Loader

Name of the Vulnerable Software and Affected Versions: Alpha7 PC Loader All versions Description: The issue is caused by a stack-based buffer overflow that occurs when processing a specifically crafted project file. This may allow an attacker to execute arbitrary code. The exploitation of this...

Fuji Electric Alpha7 PC Loader

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Fuji Electric Equipment: Alpha7 PC Loader Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED...

The vulnerability of the Cisco IOS operating system’s software loader for Cisco Catalyst Digital Building switches allows a perpetrator to execute arbitrary code.

The vulnerability of the Cisco IOS operating system’s microprogramming software for Cisco Catalyst Digital Building switches is related to security flaws. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVE-2022-29379

Nginx NJS v0.7.3 was discovered to contain a stack overflow in the function njsdefaultmoduleloader at /src/njs/src/njsmodule.c. NOTE: multiple third parties dispute this report, e.g., the behavior is only found in unreleased development code that was not part of the 0.7.2, 0.7.3, or 0.7.4 release...

CVE-2022-29379

Nginx NJS v0.7.3 was discovered to contain a stack overflow in the function njsdefaultmoduleloader at /src/njs/src/njsmodule.c. NOTE: multiple third parties dispute this report, e.g., the behavior is only found in unreleased development code that was not part of the 0.7.2, 0.7.3, or 0.7.4 release...

NGINX JavaScript 缓冲区错误漏洞

NGINX JavaScript is an extension to the NGINX open source. A buffer error vulnerability exists in NGINX JavaScript version v0.7.3, which stems from a stack overflow in function njsdefaultmoduleloader in /src/njs/src/njsmodule.c. The vulnerability is caused by a stack overflow in function...

XWiki Platform 路径遍历漏洞

Xwiki Platform is a suite of Wiki platforms for creating web collaboration applications from the French company Xwiki. A security vulnerability exists in versions of XWiki Platform prior to 12.10.3 that stems from the ability to request any file located in the class loader using the template API...

acuity (=6.18.0), acuitypro (=6.18.0) +60 more potentially affected by CVE-2022-29211 via tensorflow (>=2.8.0 <=2.8.0rc1)

tensorflow PYPI version =2.8.0, =1.2.8, =1.0.43, =0.2.2, =0.0.1, =0.0.2, =0.2.8, =0.14.0, =0.1.3, =0.0.9, =0.2.27, =0.2.41 - complaintclassify =0.0.5 - conversational-sentence-encoder =0.0.6 and more Source cves: CVE-2022-29211 Source advisory: OSV:GHSA-XRP2-FHQ4-4Q3W...

Unsafe entry in Script Security list of approved signatures in Pipeline Remote Loader Plugin

Jenkins Pipeline Remote Loader Plugin before 1.5 provided a custom whitelist for script security that allowed attackers to invoke arbitrary methods, bypassing typical sandbox protection...