UBUNTU-CVE-2022-0391

A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator URL strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an...

CVE-2022-0391

A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator URL strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an...

CVE-2022-0391

CVE-2022-0391 affects the Python urllib.parse.urlparse path handling, where input is not sanitized and allows literal CR/LF characters, enabling crafted URLs to trigger injection-like issues. Public docs (Python history, Debian LTS/DLA notes, Astra Linux bulletin) corroborate that the vulnerabili...

PT-2022-11971 · Siemens · Solid Edge +2

Name of the Vulnerable Software and Affected Versions: JT2Go versions prior to V13.2.0.7 Solid Edge SE2021 versions prior to SE2021MP9 Solid Edge SE2022 versions prior to SE2022MP1 Teamcenter Visualization V13.1 versions prior to V13.1.0.9 Teamcenter Visualization V13.2 versions prior to V13.2.0....

Rocky Linux 8 : nodejs:14 (RLSA-2021:3666)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:3666 advisory. - Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application crashes due to missing input validation of host...

PHP Everywhere 2.0.3 Remote Code Execution

On January 4, 2022, the Wordfence Threat Intelligence team began the responsible disclosure process for several Remote Code Execution vulnerabilities in PHP Everywhere, a WordPress plugin installed on over 30,000 websites. One of these vulnerabilities allowed any authenticated user of any level,...

MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations.

...

DEBIAN-CVE-2021-46665

MariaDB through 10.5.9 allows a sqlparse.cc application crash because of incorrect usedtables expectations...

UBUNTU-CVE-2021-46665

MariaDB through 10.5.9 allows a sqlparse.cc application crash because of incorrect usedtables expectations...

CVE-2022-21796

A memory corruption vulnerability exists in the netserver parsecommandlist functionality of reolink RLC-410W v3.0.0.13620121102. A specially-crafted HTTP request can lead to an out-of-bounds write. An attacker can send an HTTP request to trigger this vulnerability...

Reolink RLC-410W 缓冲区错误漏洞

Reolink Rlc-410W is a Wifi security camera from Reolink China.A security vulnerability exists in Reolink RLC-410W in version v3.0.0.13620121102, which stems from the fact that the product parsecommandlist function does not properly validate the input data. An attacker could cause out-of-bounds...

Improper Authentication

Overview cgi is a Support for the Common Gateway Interface protocol. Affected versions of this package are vulnerable to Improper Authentication. CGI::Cookie.parse mishandles security prefixes in cookie names by applying URL decoding to cookie names. An attacker could exploit this vulnerability t...

OSV-2022-65 Heap-buffer-overflow in parse_regex

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43845 Crash type: Heap-buffer-overflow READ 1 Crash state: parseregex parseregex parseregex...

OSV-2022-60 Heap-buffer-overflow in parse_regex

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43812 Crash type: Heap-buffer-overflow READ 1 Crash state: parseregex cliregex2suffix regexlistaddpattern...

CVE-2021-40564

A Segmentation fault caused by null pointer dereference vulnerability eists in Gpac through 1.0.2 via the avcparseslice function in avparsers.c when using mp4box, which causes a denial of service...

DEBIAN-CVE-2021-40565

A Segmentation fault caused by a null pointer dereference vulnerability exists in Gpac through 1.0.1 via the gfavcparsenalu function in avparsers.c when using mp4box, which causes a denial of service...

DEBIAN-CVE-2021-40564

A Segmentation fault caused by null pointer dereference vulnerability eists in Gpac through 1.0.2 via the avcparseslice function in avparsers.c when using mp4box, which causes a denial of service...

GPAC 代码问题漏洞

GPAC is an open source multimedia framework. GPAC has a denial of service vulnerability before 1.0.1, an attacker can use the naludmxparsenalavc function in reframenalu to have a null pointer reference, an attacker can use this vulnerability to trigger a denial of service...

CVE-2021-40559

A null pointer deference vulnerability exists in gpac through 1.0.1 via the naludmxparsenalavc function in reframenalu, which allows a denail of service...

in ionicabizau/parse-url

Description urldomain validation bypass Proof of Concept parse-url not able verify urldomain properly when basic authentication is given .This allow to bypass hostname validation . Lets username is admin and password is password123@ and hostname is 127.0.0.1 . so the url will be...