yasm find_cc function denial of service vulnerability

yasm is yasm open source a completely rewritten Netwide assembler. A denial of service vulnerability exists in yasm version 1.3.0, which stems from the presence of a NULL pointer dereference in the findcc function in modules/preprocs/nasm/nasm-pp.c. An attacker could exploit this vulnerability to...

CVE-2022-35291

Due to misconfigured application endpoints, SAP SuccessFactors attachment APIs allow attackers with user privileges to perform activities with admin privileges over the network. These APIs were consumed in the SF Mobile application for Time Off, Time Sheet, EC Workflow, and Benefits. On successfu...

Schneider Electric Modicon Insufficient Verification of Data Authenticity (CVE-2022-34763)

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists that could cause loading of unauthorized firmware images due to improper verification of the firmware signature. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V2.01 and later, OPC UA Modicon...

CVE-2022-30276

The Motorola MOSCAD and ACE line of RTUs through 2022-05-02 omit an authentication requirement. They feature IP Gateway modules which allow for interfacing between Motorola Data Link Communication MDLC networks potentially over a variety of serial, RF and/or Ethernet links and TCP/IP networks...

CVE-2021-33458

An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in findcc in modules/preprocs/nasm/nasm-pp.c...

Null pointer dereference

An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in expandmmacro in modules/preprocs/nasm/nasm-pp.c...

Null pointer dereference

An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in dodirective in modules/preprocs/nasm/nasm-pp.c...

Null pointer dereference

An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in findcc in modules/preprocs/nasm/nasm-pp.c...

Design/Logic Flaw

An issue was discovered in yasm version 1.3.0. There is a use-after-free in ppgetline in modules/preprocs/nasm/nasm-pp.c...

CVE-2021-33460

An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in ifcondition in modules/preprocs/nasm/nasm-pp.c...

Heap overflow

An issue was discovered in yasm version 1.3.0. There is a heap-buffer-overflow in incfopen in modules/preprocs/nasm/nasm-pp.c...

CVE-2021-33464

An issue was discovered in yasm version 1.3.0. There is a heap-buffer-overflow in incfopen in modules/preprocs/nasm/nasm-pp.c...

CVE-2021-33465

An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in expandmmacro in modules/preprocs/nasm/nasm-pp.c...

CVE-2021-33467

An issue was discovered in yasm version 1.3.0. There is a use-after-free in ppgetline in modules/preprocs/nasm/nasm-pp.c...

CVE-2021-33467

An issue was discovered in yasm version 1.3.0. There is a use-after-free in ppgetline in modules/preprocs/nasm/nasm-pp.c...

CVE-2021-33468

An issue was discovered in yasm version 1.3.0. There is a use-after-free in error in modules/preprocs/nasm/nasm-pp.c...

CVE-2021-33460

An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in ifcondition in modules/preprocs/nasm/nasm-pp.c...

CVE-2021-33459

An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in nasmparserdirective in modules/parsers/nasm/nasm-parse.c...

CVE-2021-33455

An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in dodirective in modules/preprocs/nasm/nasm-pp.c...

CVE-2022-34375

Dell Container Storage Modules 1.2 contains a path traversal vulnerability in goiscsi and gobrick libraries. A remote authenticated malicious user with low privileges could exploit this vulnerability leading to unintentional access to path outside of restricted directory...