35 matches found
CVE-2021-21772
A use-after-free vulnerability exists in the NMR::COpcPackageReader::releaseZIP functionality of 3MF Consortium lib3mf 2.0.0. A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...
Design/Logic Flaw
A use-after-free vulnerability exists in the NMR::COpcPackageReader::releaseZIP functionality of 3MF Consortium lib3mf 2.0.0. A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2021-21772
CVE-2021-21772 describes a use-after-free in the NMR::COpcPackageReader::releaseZIP() path of 3MF Consortium’s lib3mf, version 2.0.0. A crafted 3MF file can lead to code execution. Affected products are lib3mf 2.0.0 and deployments using it (e.g., lib3mf-based apps). The root cause is improper me...
CVE-2021-21772
A use-after-free vulnerability exists in the NMR::COpcPackageReader::releaseZIP functionality of 3MF Consortium lib3mf 2.0.0. A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2021-21772
A use-after-free vulnerability exists in the NMR::COpcPackageReader::releaseZIP functionality of 3MF Consortium lib3mf 2.0.0. A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...
3MF Consortium lib3mf NMR::COpcPackageReader::releaseZIP() use-after-free vulnerability
Talos Vulnerability Report TALOS-2021-1226 3MF Consortium lib3mf NMR::COpcPackageReader::releaseZIP use-after-free vulnerability March 10, 2021 CVE Number CVE-2021-21772 SUMMARY A use-after-free vulnerability exists in the NMR::COpcPackageReader::releaseZIP functionality of 3MF Consortium lib3mf...
CVE-2019-17514
library/glob.html in the Python 2 and 3 documentation before 2016 has potentially misleading information about whether sorting occurs, as demonstrated by irreproducible cancer-research results. NOTE: the effects of this documentation cross application domains, and thus it is likely that...
EulerOS 2.0 SP8 : python2 (EulerOS-SA-2020-1024)
According to the version of the python2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - library/glob.html in the Python 2 and 3 documentation before 2016 has potentially misleading information about whether sorting occurs, as...
EulerOS 2.0 SP8 : python3 (EulerOS-SA-2020-1025)
According to the version of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - library/glob.html in the Python 2 and 3 documentation before 2016 has potentially misleading information about whether sorting occurs, as...
CVE-2019-17514
library/glob.html in the Python 2 and 3 documentation before 2016 has potentially misleading information about whether sorting occurs, as demonstrated by irreproducible cancer-research results. NOTE: the effects of this documentation cross application domains, and thus it is likely that...
CVE-2019-17514
library/glob.html in the Python 2 and 3 documentation before 2016 has potentially misleading information about whether sorting occurs, as demonstrated by irreproducible cancer-research results. NOTE: the effects of this documentation cross application domains, and thus it is likely that...
Design/Logic Flaw
library/glob.html in the Python 2 and 3 documentation before 2016 has potentially misleading information about whether sorting occurs, as demonstrated by irreproducible cancer-research results. NOTE: the effects of this documentation cross application domains, and thus it is likely that...
CVE-2019-17514
library/glob.html in the Python 2 and 3 documentation before 2016 has potentially misleading information about whether sorting occurs, as demonstrated by irreproducible cancer-research results. NOTE: the effects of this documentation cross application domains, and thus it is likely that...
CVE-2019-17514
CVE-2019-17514 concerns the Python documentation (library/glob.html) prior to 2016, which could mislead about sorting in glob.glob. It is not a Python implementation bug, and there are no reports of affected security-relevant code in Python itself. The provided sources note a workaround in newer ...
nmr.chem.uw.edu.pl XSS vulnerability
Open Bug Bounty ID: OBB-260053 Description| Value ---|--- Affected Website:| nmr.chem.uw.edu.pl Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...