CVE-2021-3664

CVE-2021-3664 affects the url-parse library and enables a URL Redirection to Untrusted Site (Open Redirect) via its URL parsing logic. According to the connected document, the vulnerability is rooted in the url-parse component and has a CVSS v3.1 base score of 5.3 with vector (AV:N/AC:L/PR:N/UI:N...

CVE-2021-3664

url-parse is vulnerable to URL Redirection to Untrusted Site...

nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe

A flaw was found in nodejs-path-parse. All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity...

Moderate: Red Hat Security Advisory: RHV Manager (ovirt-engine) security update [ovirt-4.4.7]

Updated ovirt-engine packages that fix several bugs and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

STMicroelectronics STM32Cube 安全漏洞

The Stmicroelectronics STMicroelectronics STM32Cube is a microcontroller for embedded systems from STMicroelectronics Switzerland. A security vulnerability exists in USBHParseCfgDesc in STMicroelectronics STM32Cube Middleware v1.8.0 and earlier versions, which denies service due to a system hang...

STMicroelectronics STM32Cube 缓冲区错误漏洞

The Stmicroelectronics STMicroelectronics STM32Cube is a microcontroller for embedded systems from STMicroelectronics Switzerland. A buffer error vulnerability exists in the USBH ParseEPDesc function in STMicroelectronics STM32Cube Middleware v1.8.0 and earlier versions, which can be exploited by...

DEBIAN-CVE-2020-36426

An issue was discovered in Arm Mbed TLS before 2.24.0. mbedtlsx509crlparseder has a buffer over-read of one byte...

CVE-2021-1965

Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking...

Buffer overflow

Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking...

Open Redirect in ionicabizau/parse-url

✍️ Description parse-url improperly handles the user input such as https:/\ and interprets it as a relative path. Backslashes after the protocol are accepted by browsers and treated as normal slashes, but parse-url reads them as the relative path, which could lead to SSRF, open redirects, or other...

OESA-2021-1262 nodejs-path-parse security update

Node.js path.parse ponyfill Security Fixes: All versions of package path-parse are vulnerable to Regular Expression Denial of Service ReDoS via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity.CVE-2021-23343...

OSV-2021-947 Dynamic-stack-buffer-overflow in hsql::SQLParserResult::addStatement

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35946 Crash type: Dynamic-stack-buffer-overflow WRITE 8 Crash state: hsql::SQLParserResult::addStatement hsqlparse hsql::SQLParser::parse...

Open Redirect in ionicabizau/parse-url

✍️ Description parse-url mishandles certain uses of backslash such as https:/\ and interprets the URI as a relative path. Browsers accept backslashes after the protocol, and treat it as a normal slash, while parse-url sees it as a relative path. Which will lead to SSRF attacks, open redirects, or...

Open Redirect in ionicabizau/parse-path

✍️ Description parse-path mishandles certain uses of backslash such as https:/\ and interprets the URI as a relative path. Browsers accept backslashes after the protocol, and treat it as a normal slash, while parse-path sees it as a relative path. Which will lead to SSRF attacks, open redirects, o...

CVE-2021-21807

An integer overflow vulnerability exists in the DICOM parsedicommetainfo functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to a stack-based buffer overflow. An attacker can provide a malicious file to trigger this vulnerability...

The vulnerability of the ParseDsdiffHeaderConfig function in the dsdiff.c component of the WavPack audio codec, related to division by zero, allows a attacker to cause a service failure.

The vulnerability of the ParseDsdiffHeaderConfig function in the dsdiff.c component of the WavPack audio codec is related to division by zero. Exploiting this vulnerability allows a remote attacker to cause a service failure using a malicious .wav file...

The vulnerability of the ParseWave64HeaderConfig function in the wave64.c component of the WavPack audio codec, related to the use of previously uninitialized variables, allows a hacker to cause a service failure.

The vulnerability of the ParseWave64HeaderConfig function in the wave64.c component of the WavPack audio codec is related to the use of previously uninitialized variables. Exploiting this vulnerability allows a remote attacker to trigger a service failure using a malicious .wav file...

Open Redirect in unshiftio/url-parse

✍️ Description url-parse mishandles certain uses of backslash such as https:/\ and interprets the URI as a relative path. Browsers accept backslashes after the protocol, and treat it as a normal slash, while url-parse sees it as a relative path. Similar attacks:...

XML2Dict XML Entity Expansion Vulnerability

XXE vulnerability in 'XML2Dict' version 0.2.2 allows an attacker to cause a denial of service. The parse function does not properly restrict recursive entity references...

OSV-2021-907 Heap-buffer-overflow in decode_header_value_literal

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35675 Crash type: Heap-buffer-overflow READ 1 Crash state: decodeheadervalueliteral decodeheader h2ohpackparserequest...