6926 matches found
CVE-2021-26543
The "gitDiff" function in Wayfair git-parse <=1.0.4 has a command injection vulnerability. Clients of the git-parse library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability. The issue has been resolved in version 1.0.5...
CVE-2021-26543
The CVE-2021-26543 issue affects the Wayfair git-parse library, specifically the gitDiff function in versions
CVE-2020-28016
Exim 4 before 4.94.2 allows an off-by-two Out-of-bounds Write because "-F ''" is mishandled by parse_fix_phrase...
npm git-parse OS Command Injection Vulnerability
npm git-parse is an application from the American company npm. It is a utility program that generates a set of javascript objects that represent the current branch of the commit history of a local git repository. An operating system command injection vulnerability exists in the "gitDiff" function...
Regular Expression Denial Of Service (ReDoS)
path-parse is vulnerable to regular expression denial of service. An attacker is able to produce a denial of service condition in the application through worst-case time complexity via splitDeviceRe, splitTailRe and splitPathRe...
CVE-2021-23343
A flaw was found in nodejs-path-parse. All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity...
CVE-2021-23343
All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity...
CVE-2021-23343
CVE-2021-23343 affects the path-parse package. The vulnerability is a Regular Expression Denial of Service (ReDoS) via the regexes splitDeviceRe, splitTailRe, and splitPathRe. The ReDoS has polynomial worst-case time complexity. Connected telemetry from MiracleLinux AXSA advisories lists path-par...
Exim Buffer Error Vulnerability
Exim was developed at Cambridge University as a Message Transfer Agent (MTA) for Unix systems connected to the Internet. A heap buffer overflow vulnerability exists in Exim in parse_fix_phrase, which stems from interpreting negative sizes in strncpy, and can be exploited by an attacker to elevate...
Exim Buffer Error Vulnerability
Exim was developed at Cambridge University as a Message Transfer Agent (MTA) for Unix systems connected to the Internet. Exim suffers from a buffer overflow vulnerability. The vulnerability stems from a "-F" handling error in parse_fix_phrase. No details of the vulnerability are available at this tim...
npm path-parse Security Vulnerability
npm path-parse is an application plugin from the United States npm. It provides a path-parse function. A security vulnerability exists in path-parse, which originates from a Regular Expression Denial of Service (ReDoS) attack via the splitDeviceRe, splitTailRe, and splitPathRe regular expressions...
Arbitrary Code Execution
re2c is vulnerable to arbitrary code execution. A heap-based buffer overflow in Scanner::fill in parse/scanner.cc allows an attacker to execute arbitrary code on the host OS via a malicious lexeme...
PT-2021-19559 · Cesanta · Mongooseos Mjs
Name of the Vulnerable Software and Affected Versions: Cesanta MongooseOS mJS version 1.26
Description: A maliciously formed JSON string can trigger an off-by-one heap-based buffer overflow in mjs_json_parse, potentially leading to redirection of control flow. The original reporter disputes the...
PT-2024-11264 · Linux +6 · Linux Kernel +6
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: A logic error in the Linux kernel could result in a null dereference if the user sets the mode incorrectly for the given address type. This issue is related to the net: ieee802154...
DEBIAN-CVE-2021-30014
There is an integer overflow in media_tools/av_parsers.c in the hevc_parse_slice_segment function in GPAC from v0.9.0-preview to 1.0.1 which results in a crash...
UBUNTU-CVE-2021-30014
There is an integer overflow in media_tools/av_parsers.c in the hevc_parse_slice_segment function in GPAC from v0.9.0-preview to 1.0.1 which results in a crash...
CVE-2021-30014
There is an integer overflow in media_tools/av_parsers.c in the hevc_parse_slice_segment function in GPAC from v0.9.0-preview to 1.0.1 which results in a crash...
SUSE: Security Advisory (SUSE-SU-2017:1445-1)
The remote host is missing an update for the
SPDX-FileCopyrightText: 2021 Greenbone AG
Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s).
SPDX-License-Identifier: GPL-2.0-only
if(description)...