Rust 资源管理错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in stackdst crate before 0.6.1 for Rust, which stems from the pushinner behavior, with double free at val.clone.No detailed vulnerability details are provided at...

Aruba Networks AirWave Management Platform SQL注入漏洞

Aruba Networks AirWave Management Platform is a suite of network management software for multi-vendor management from Aruba Networks. The software provides real-time monitoring, proactive alerting and historical data reporting. An SQL injection vulnerability exists in the API of Aruba Networks...

Microsoft, FireEye Unmask More Malware Linked to SolarWinds Attackers

Researchers have uncovered more custom malware that is being used by the threat group behind the SolarWinds attack. Researchers with Microsoft and FireEye identified three new pieces of malware that the companies said are being used in late-stage activity by the threat actor previously called...

Sourcecodesterk Doctor Appointment System SQL注入漏洞

Doctor Appointment System is a PHP/MySQLi based doctor appointment system. A SQL blind injection vulnerability exists in contactus.php in Doctor Appointment System 1.0. An attacker can exploit this vulnerability to insert malicious SQL queries via the firstname parameter...

Datadog API 安全漏洞

Github datadog-api-client-java is Github an open source application . Provides a JAVA API interface. Datadog API before version 1.0.0-beta.9 A security vulnerability exists in the Datadog API before version 1.0.0-beta.9, which stems from a local disclosure of sensitive information downloaded...

GitHub Enterprise Server 安全漏洞

GitHub is a suite of hosting platforms for open source and private software projects. A security vulnerability exists in GitHub Enterprise Server that allows instances of authenticated users to gain write access to unauthorized repositories via specially designed pull requests and REST API...

Fake-Sms - A Simple Command Line Tool Using Which You Can Skip Phone Number Based SMS Verification By Using A Temporary Phone Number That Acts Like A Proxy

A simple command line tool using which you can skip phone number based SMS verification by using a temporary phone number that acts like a proxy. Note-1: This is just an experimental tool, do not use this in any banking transactions. Unethical use of this tool is strictly not encouraged." Note-2:...

[SECURITY] Fedora 33 Update: python3.9-3.9.2-1.fc33

Python 3.9 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries...

CVE-2021-21298

Node-Red is a low-code programming for event-driven applications built using nodejs. Node-RED 1.2.7 and earlier has a vulnerability which allows arbitrary path traversal via the Projects API. If the Projects feature is enabled, a user with projects.read permission is able to access any file via t...

Denial of Service Vulnerability in GX Works2 (CNVD-2021-16895)

GX Works2 is a PLC programming software. A memory out-of-bounds access vulnerability exists in GX Works2. An attacker could exploit this vulnerability to cause the program to crash...

Code Injection Vulnerability in GX Works2

GX Works2 is a PLC programming software. A code injection vulnerability exists in GX Works2. An attacker can exploit this vulnerability to gain server privileges...

CVE-2021-1388

A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator MSO installed on the Application Services Engine could allow an unauthenticated, remote attacker to bypass authentication on an affected device. The vulnerability is due to improper token validation on a specific API endpoint...

Unspecified Vulnerability in Rust (CNVD-2021-13649)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in versions of Rust prior to 2021-02-04, which stems from the fact that byte-type data returned from an X server can be parsed into an arbitrary data type by...

Rust Buffer Overflow Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in versions of Rust prior to 0.17.0 that can be exploited by an attacker to overwrite a heap memory location...

Rust Buffer Overflow Vulnerability (CNVD-2021-13648)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in versions of Rust prior to 2021-02-04, which stems from xcb::xproto::changeproperty allowing out-of-bounds read operations. No detailed vulnerability details are provided...

Rust Information Disclosure Vulnerability (CNVD-2021-13652)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. An information disclosure vulnerability exists in versions of Rust prior to 0.14.0, which can be exploited by an attacker to obtain sensitive information from uninitialized memory locations via a user-supplied...

Unspecified Vulnerability in Rust (CNVD-2021-13647)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in versions of Rust prior to 2021-02-04, and no details of the vulnerability are available at this time...

Rust Information Disclosure Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. An information disclosure vulnerability exists in versions of Rust prior to 0.1.3, which can be exploited to obtain sensitive information via a memory location that is never initialized by IoReader :: read...

Unspecified Vulnerability in Rust (CNVD-2021-13650)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in versions of Rust prior to 2021-02-04, and no details of the vulnerability are available at this time...

Rust Resource Management Error Vulnerability (CNVD-2021-13651)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in versions of Rust prior to 0.3.1 that stems from insertsliceclone generating two drop actions when a Clone exception occurs. No details of the vulnerability are...