6865 matches found

CNNVD
added 2024/07/01 12:0 a.m. · 1 views

Swiper Security Vulnerabilities

Swiper is a free mobile touch slider by Vladimir Kharlampidi personal developer. It is intended for use in mobile websites, mobile web applications and mobile native applications. A security vulnerability exists in Swiper version v0.0.2, which stems from the inclusion of prototype contamination v...

CVSS 6.5 · AI score 7.7 · EPSS 0.00377
Exploits 0 · References 2
Positive Technologies
added 2024/07/01 12:0 a.m. · 2 views

PT-2024-28701 · Unknown · Ratio-Swiper

Name of the Vulnerable Software and Affected Versions: ratio-swiper version 0.0.2 Description: The issue allows attackers to execute arbitrary code or cause a Denial of Service (DoS) by injecting arbitrary properties via the parse function, which is vulnerable to prototype pollution. Recommendation...

CVSS 6.5 · AI score 7.3 · EPSS 0.0015
Exploits 1 · References 4
CNNVD
added 2024/07/01 12:0 a.m. · 1 views

Parse Server Security Vulnerability

Parse Server is an open source backend from Parse Platform Open Source that can be deployed to any infrastructure that can run Node.js. A security vulnerability exists in Parse Server versions prior to 6.5.7 and 7.1.0 that stems from vulnerability to SQL injection attacks when configured to use a...

CVSS 9.8 · AI score 7.8 · EPSS 0.03791
Exploits 0 · References 6
Positive Technologies
added 2024/07/01 12:0 a.m. · 2 views

PT-2024-28434 · Postgresql +1 · Postgresql +1

Name of the Vulnerable Software and Affected Versions: Parse Server versions prior to 6.5.7 Parse Server versions prior to 7.1.0 Description: A vulnerability in Parse Server allows SQL injection when configured to use the PostgreSQL database. This issue enables remote attackers to bypass...

CVSS 9.8 · AI score 8.3 · EPSS 0.03791
Exploits 0 · References 12
Positive Technologies
added 2024/07/01 12:0 a.m. · 1 views

PT-2024-28316 · Adolph Dudu · Ratio-Swiper

Name of the Vulnerable Software and Affected Versions: adolph dudu ratio-swiper version 0.0.2 Description: The issue allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties through a prototype pollution vulnerability in the parse function...

CVSS 6.5 · AI score 7.6 · EPSS 0.00377
Exploits 0 · References 5
OSV
added 2024/06/27 11:15 p.m. · 2 views

DEBIAN-CVE-2016-20022

In the Linux kernel before 4.8, usb_parse_endpoint in drivers/usb/core/config.c does not validate the wMaxPacketSize field of an endpoint descriptor. NOTE: This vulnerability only affects products that are no longer supported by the supplier...

CVSS 8.4 · AI score 6.9 · EPSS 0.00111
Exploits 0 · References 1
OSV
added 2024/06/27 8:15 p.m. · 3 views

AZL-43591 CVE-2024-39133 affecting package zziplib 0.13.72-3

Heap Buffer Overflow vulnerability in zziplib v0.13.77 allows attackers to cause a denial of service via the __zzip_parse_root_directory function at /zzip/zip.c...

CVSS 4.3 · AI score 6.1 · EPSS 0.00298
Exploits 1 · References 1
OSV
added 2024/06/27 8:15 p.m. · 1 views

DEBIAN-CVE-2024-39133

Heap Buffer Overflow vulnerability in zziplib v0.13.77 allows attackers to cause a denial of service via the __zzip_parse_root_directory function at /zzip/zip.c...

CVSS 4.3 · AI score 5.6 · EPSS 0.00298
Exploits 1 · References 1
OSV
added 2024/06/27 8:15 p.m. · 0 views

UBUNTU-CVE-2024-39133

Heap Buffer Overflow vulnerability in zziplib v0.13.77 allows attackers to cause a denial of service via the __zzip_parse_root_directory function at /zzip/zip.c...

CVSS 4.3 · AI score 5.8 · EPSS 0.00298
Exploits 1 · References 3
CNNVD
added 2024/06/27 12:0 a.m. · 1 views

ZZIPlib security vulnerability

ZZIPlib is a compressed document extraction library. A security vulnerability exists in ZZIPlib version v0.13.77, which stems from a service resolution vulnerability in the __zzip_parse_root_directory function of the /zzip/zip.c file...

CVSS 4.3 · AI score 6.8 · EPSS 0.00298
Exploits 1 · References 3
OSV
added 2024/06/25 3:15 p.m. · 1 views

DEBIAN-CVE-2024-38661

In the Linux kernel, the following vulnerability has been resolved: s390/ap: Fix crash in AP internal function modify_bitmap A system crash like this Failing address: 200000cb7df6f000 TEID: 200000cb7df6f403 Fault in home space mode while using kernel ASCE. AS:00000002d71bc007 R3:00000003fe5b8007...

CVSS 5.5 · AI score 5.7 · EPSS 0.00023
Exploits 0 · References 1
NVD
added 2024/06/25 4:15 a.m. · 12 views

CVE-2024-23150

A maliciously crafted PRT file, when parsed in odxug_dll.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...

CVSS 7.8 · EPSS 0.00118
Exploits 0 · References 1
Vulnrichment
added 2024/06/25 3:7 a.m. · 14 views

CVE-2024-37002 Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted MODEL file, when parsed in ASMkern229A.dll through Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process...

CVSS 7.8 · AI score 7.7 · EPSS 0.0015
Exploits 0 · References 1
SUSE CVE
added 2024/06/24 11:17 p.m. · 2 views

SUSE CVE-2024-36481

In the Linux kernel, the following vulnerability has been resolved: tracing/probes: fix error check in parse_btf_field btf_find_struct_member might return NULL or an error via the ERR_PTR macro. However, its caller in parse_btf_field only checks for the NULL condition. Fix this by using IS_ERR and returni...

CVSS 5.5 · AI score 7.7 · EPSS 0.00033
Exploits 0 · References 3
RedhatCVE
added 2024/06/21 7:21 p.m. · 28 views

CVE-2024-38381

A vulnerability was found in the NCI component in the Linux kernel's NFC subsystem. This issue involves an uninitialized value in the nci_rx_work function, which could lead to unintended behavior or potential security risks. Mitigation Mitigation for this issue is either not available or the...

CVSS 7.1 · AI score 7.8 · EPSS 0.00017
Exploits 0 · References 4
OSV
added 2024/06/21 12:15 p.m. · 3 views

AZL-42834 CVE-2024-36481 affecting package kernel for versions less than 6.6.35.1-4

In the Linux kernel, the following vulnerability has been resolved: tracing/probes: fix error check in parse_btf_field btf_find_struct_member might return NULL or an error via the ERR_PTR macro. However, its caller in parse_btf_field only checks for the NULL condition. Fix this by using IS_ERR and returni...

CVSS 5.5 · AI score 5.6 · EPSS 0.00033
Exploits 0 · References 1
OSV
added 2024/06/21 12:15 p.m. · 2 views

DEBIAN-CVE-2024-36481

In the Linux kernel, the following vulnerability has been resolved: tracing/probes: fix error check in parse_btf_field btf_find_struct_member might return NULL or an error via the ERR_PTR macro. However, its caller in parse_btf_field only checks for the NULL condition. Fix this by using IS_ERR and returni...

CVSS 5.5 · AI score 5 · EPSS 0.00033
Exploits 0 · References 1
OSV
added 2024/06/21 12:15 p.m. · 4 views

AZL-42854 CVE-2024-36481 affecting package kernel for versions less than 5.15.160.1-1

In the Linux kernel, the following vulnerability has been resolved: tracing/probes: fix error check in parse_btf_field btf_find_struct_member might return NULL or an error via the ERR_PTR macro. However, its caller in parse_btf_field only checks for the NULL condition. Fix this by using IS_ERR and returni...

CVSS 5.5 · AI score 5.7 · EPSS 0.00033
Exploits 0 · References 1
OSV
added 2024/06/21 12:15 p.m. · 1 views

UBUNTU-CVE-2024-36481

In the Linux kernel, the following vulnerability has been resolved: tracing/probes: fix error check in parse_btf_field btf_find_struct_member might return NULL or an error via the ERR_PTR macro. However, its caller in parse_btf_field only checks for the NULL condition. Fix this by using IS_ERR and returni...

CVSS 5.5 · AI score 5.7 · EPSS 0.00033
Exploits 0 · References 13
RedHat Linux
added 2024/06/20 12:39 p.m. · 2 views

golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm

A flaw was discovered in Go's net/http standard library package. When parsing a multipart form either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile, limits on the total size of the parsed form were not applied to the...

CVSS 6.5 · AI score 7.4 · EPSS 0.00491
Exploits 0 · References 10