3 matches found
CVE-2023-2512
Prior to version v1.20230419.0, the FormData API implementation was subject to an integer overflow. If a FormData instance contained more than 2^31 elements, the forEach method could end up reading from the wrong location in memory while iterating over elements. This would most likely lead to a...
GHSA-FRP2-5QFC-7R8M request_store has Incorrect Default Permissions
Impact The files published as part of requeststore 1.3.2 have 0666 permissions, meaning that they are world-writable, which allows local users to execute arbitrary code. This version was published in 2017, and most production environments do not allow access for local users, so the chances of thi...
PT-2023-1365 · Tenable · Tenable.Sc +2
Name of the Vulnerable Software and Affected Versions: Tenable Nessus, tenable.io, tenable.sc affected versions not specified Description: A potential privilege escalation issue was identified internally, which could allow a malicious actor with sufficient permissions to modify environment...