yasm 代码问题漏洞

yasm is a completely rewritten Netwide assembler open-sourced by yasm. A denial of service vulnerability exists in yasm version 1.3.0, which stems from the presence of a NULL pointer dereference in the hash function in modules/preprocs/nasm/nasm-pp.c. An attacker could exploit this vulnerability ...

yasm 缓冲区错误漏洞

yasm is a completely rewritten Netwide assembler from the yasm open source. A security vulnerability exists in yasm version 1.3.0, which stems from a heap buffer overflow in the incfopen function in modules/preprocs/nasm/nasm-pp.c. The vulnerability is caused by a heap buffer overflow in the...

yasm 代码问题漏洞

yasm is yasm open source a completely rewritten Netwide assembler. A denial of service vulnerability exists in yasm version 1.3.0, which stems from the presence of a NULL pointer dereference in the expandmmacro function in modules/preprocs/nasm/nasm-pp.c. An attacker could exploit this...

yasm 代码问题漏洞

yasm is a completely rewritten Netwide assembler from the yasm open source. A security vulnerability exists in yasm version 1.3.0, which stems from a NULL pointer dereference in the ifcondition function in modules/preprocs/nasm/nasm-pp.c. The vulnerability is caused by the presence of a NULL...

Sealighter - Easy ETW Tracing for Security Research

I created this project to help non-developers dive into researching Event Tracing for Windows ETW and Windows PreProcessor Tracing WPP. Features Subscribe to multiple ETW and WPP Providers at once Automatically parse events into JSON without needing to know format Robust Event filtering including...

MAL-2022-2609 Malicious code in dummy-preprocessor (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4908ea8244b5d2d0dad36068c074f34b17b6302ce6108fc1526b398a21613794 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in dummy-preprocessor (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4908ea8244b5d2d0dad36068c074f34b17b6302ce6108fc1526b398a21613794 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

fenom 安全漏洞

fenom is a lightweight and fast PHP template engine. fenom 2.12.1 and earlier versions are vulnerable to code injection, which stems from a failure to properly filter the construct command special characters, commands, etc. in the getTemplateCode function of fenom/src/Fenom/Template.php, which ca...

CVE-2022-25495

The component /jqueryfileupload/server/php/index.php of CuppaCMS v1.0 allows attackers to upload arbitrary files and execute arbitrary code via a crafted PHP file...

USN-5303-1 php7.4, php8.0 vulnerability

It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code...

Sensio Labs Twig 代码代码注入漏洞

Sensio Labs Twig is a PHP template engine from the French company Sensio Labs that supports custom tags and filters and the creation of DSLs. Sensio Labs Twig is vulnerable to injection, which can be exploited by attackers to run arbitrary PHP functions...

UBUNTU-CVE-2021-45256

A Null Pointer Dereference vulnerability existfs in nasm 2.16rc0 via asm/preproc.c...

Nasm 代码问题漏洞

Nasm is an open source programming tool software by The Nasm Development Team team. A security vulnerability exists in nasm 2.16rc0, which stems from a null pointer dereference in asm/preproc.c. The vulnerability is caused by the presence of a null pointer dereference in asm/preproc.c...

Compilation database: An alternative way to configure your C or C++ analysis

Analyzing C or C++ code requires - in addition to the source code - the configuration that is used to build the code. At SonarSource, we have provided a tool to automate the extraction of this information, the build wrapper. This tool has been used successfully with many projects, yet there are...

bikeshed path traversal vulnerability

bikeshed is a preprocessor for specification documents, converting the source document which contains only the actual specification content, plus some shorthand for linking terms and other content into a final specification document with appropriate samples, bibliographies, indexes, and so on. A...

RCDCAP 安全漏洞

RCDCAP is a remote capture preprocessor. It can be used to remotely capture traffic through the use of CISCO ERSPAN and HP ERM. A security vulnerability exists in RCDCAP that could be exploited by a remote attacker to execute arbitrary code or cause a denial of service memory corruption and...

elFinder 安全漏洞

elFinder is a set of Drupal-based platform , open source AJAX file manager . The product provides multiple file uploads, image scaling and other features. A security vulnerability exists in ElFinder 2.1.47 and earlier versions, which stems from a command injection vulnerability in the program's P...

CVE-2021-20076

Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were found to contain a vulnerability that could allow an authenticated, unprivileged user to perform Remote Code Execution RCE on the Tenable.sc server via Hypertext Preprocessor unserialization...

CVE-2021-20076

Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were found to contain a vulnerability that could allow an authenticated, unprivileged user to perform Remote Code Execution RCE on the Tenable.sc server via Hypertext Preprocessor unserialization...

CVE-2021-20076

CVE-2021-20076 affects Tenable.sc and Tenable.sc Core versions 5.13.0–5.17.0. The vulnerability allows an authenticated, unprivileged user to achieve Remote Code Execution on the Tenable.sc server through PHP unserialization. The available connected documentation consistently describes the issue ...