
5178 matches found

UbuntuCve
added 2022/01/20 11:0 a.m. · 102 views

CVE-2022-21658

Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the std::fs::remove_dir_all standard library function is vulnerable to a race condition enabling symlink following (CWE-363). A...

7.3 CVSS · 7 AI score · 0.00906 EPSS
Exploits 1 · References 6
Cvelist
added 2022/01/20 12:0 a.m. · 21 views

CVE-2022-21658 Race condition in std::fs::remove_dir_all in rustlang

Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the std::fs::remove_dir_all standard library function is vulnerable to a race condition enabling symlink following (CWE-363). A...

7.3 CVSS · 6.9 AI score · 0.00906 EPSS
Exploits 1 · References 15
OSV
added 2022/01/19 12:15 p.m. · 1 views

UBUNTU-CVE-2022-21248

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to exploit vulnerabili...

3.7 CVSS · 6.5 AI score · 0.00083 EPSS
Exploits 0 · References 5
CNVD
added 2022/01/19 12:0 a.m. · 13 views

Juniper Networks Junos OS Information Disclosure Vulnerability (CNVD-2022-21488)

Juniper Networks Junos OS is a network operating system from Juniper Networks, Inc. for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. Juniper Networks Junos OS is vulnerable to information disclosure, and no details of the...

7.8 CVSS · 0.5 AI score · 0.00044 EPSS
Exploits 0 · References 1
OSV
added 2022/01/18 5:15 p.m. · 1 views

CVE-2021-37867

Mattermost Boards plugin v0.10.0 and earlier fails to protect email addresses of all users via one of the Boards APIs, which allows authenticated and unauthorized users to access this information resulting in sensitive & private information disclosure...

4.3 CVSS · 5.8 AI score · 0.00227 EPSS
Exploits 0 · References 1
Positive Technologies
added 2022/01/18 12:0 a.m. · 2 views

PT-2022-10681 · Mattermost · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost versions 6.1 and earlier Description: The issue arises from insufficient permission validation when viewing archived channels. This allows authenticated users to bypass system administrator restrictions and view the contents of...

6.5 CVSS · 6.2 AI score · 0.00177 EPSS
Exploits 0 · References 3
Fedora
added 2022/01/14 12:59 a.m. · 24 views

[SECURITY] Fedora 34 Update: python-cvxopt-1.2.7-1.fc34

CVXOPT is a free software package for convex optimization based on the Python programming language. Its main purpose is to make the development of software for convex optimization applications straightforward by building on Python's extensive standard library and on the strengths of Python as a...

7.5 CVSS · 2 AI score · 0.00274 EPSS
Exploits 1
CNNVD
added 2022/01/12 12:0 a.m. · 2 views

Jimoty Trust Management Issue Vulnerability

Jimoty is a Web site of Jimoty Japan, Inc. It is used to provide help, information dissemination and other services to local people. Jimoty App for Android is vulnerable to a trust management issue, which exists due to hard-coded credentials in the application code. A local attacker could exploit...

3.3 CVSS · 5.1 AI score · 0.00047 EPSS
Exploits 0 · References 4
OSV
added 2022/01/10 2:10 p.m. · 1 views

CVE-2021-42748

In Beaver Builder through 2.5.0.3, attackers can bypass the visibility controls protection mechanism via the REST API...

5.3 CVSS · 5.8 AI score
Exploits 0 · References 2
GitLab Advisory Database
added 2022/01/02 12:0 a.m. · 27 views

Uncontrolled Resource Consumption

net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests...

7.5 CVSS · 3.1 AI score · 0.00088 EPSS
Exploits 0 · References 10 · Affected Software 1
Fedora
added 2021/12/30 1:43 a.m. · 36 views

[SECURITY] Fedora 34 Update: golang-1.16.12-1.fc34

The Go Programming Language...

7.5 CVSS · 1.8 AI score · 0.0022 EPSS
Exploits 0
Fedora
added 2021/12/30 1:19 a.m. · 44 views

[SECURITY] Fedora 35 Update: golang-1.16.12-1.fc35

The Go Programming Language...

7.5 CVSS · 1.8 AI score · 0.0022 EPSS
Exploits 0
CNVD
added 2021/12/28 12:0 a.m. · 15 views

Mozilla Rust has an unspecified vulnerability (CNVD-2022-03126)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. Security vulnerabilities exist in versions of Rust tremor-script crate prior to 0.11.6, which can lead to resource management errors. No details of the vulnerability are currently available...

9.8 CVSS · 3.9 AI score · 0.00441 EPSS
Exploits 0 · References 1
CNVD
added 2021/12/28 12:0 a.m. · 13 views

Mozilla Rust Memory Corruption Vulnerability (CNVD-2022-04516)

Rust, a general-purpose, compiled programming language from the Mozilla Foundation, has a security vulnerability in versions prior to Rust metrics-util crate 0.7.0 that can be exploited by attackers to cause memory corruption...

8.1 CVSS · 4.6 AI score · 0.00336 EPSS
Exploits 0 · References 1
CNNVD
added 2021/12/27 12:0 a.m. · 2 views

Rust libpulse-binding crate Resource Management Error Vulnerability

Rust libpulse-binding crate is a repository containing sys FFI and binding libraries crates for connecting to PulseAudio PA from the Rust programming language. Mozilla Rust libpulse-binding crate memory corruption vulnerability, which stems from a security flaw in A security vulnerability exists i...

7.5 CVSS · 5.7 AI score · 0.00478 EPSS
Exploits 0 · References 3
CNVD
added 2021/12/24 12:0 a.m. · 18 views

nasm has unspecified vulnerabilities

Nasm is an open source programming tool software by The Nasm Development Team team. nasm 2.16rc0 contains a security vulnerability that stems from the existence of an infinite loop in the gpastetokens function. No details of the vulnerability are currently available...

5.5 CVSS · 2 AI score · 0.00278 EPSS
Exploits 0 · References 1
CNVD
added 2021/12/23 12:0 a.m. · 16 views

Horner Automation Cscape EnvisionRV Input Validation Error Vulnerability

Horner Automation Cscape EnvisionRV is a programming software for industrial control system development from Horner Automation, U.S. An input validation error vulnerability exists in Horner Automation Cscape EnvisionRV, which could be exploited by an attacker to execute arbitrary code in the...

7.8 CVSS · 3.6 AI score · 0.00145 EPSS
Exploits 0 · References 1
Ivan 'd0znpp' Novikov
added 2021/12/22 3:48 p.m. · 18 views

Explanation of what Java API is ❓ Types. Examples

When the two most viable and essential application/software development comes together, programmers are allowed to have unmatched functionality. Java API (Application Programming Interface) is the perfect example of how to attain this. Acknowledged as a crucial entity for internal and open...

7.9 AI score
Exploits 0
ICS
added 2021/12/21 12:0 a.m. · 47 views

WECON LeviStudioU

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: WECON Equipment: LeviStudioU Vulnerabilities: Stack-based Buffer Overflow, Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow remote code execution. 3. TECHNICAL...

7.8 CVSS · 8.3 AI score · 0.00639 EPSS
Exploits 0 · References 5
CNNVD
added 2021/12/21 12:0 a.m. · 2 views

Open Design Alliance Drawings SDK Buffer Error Vulnerability

Open Design Alliance Drawings SDK is a software development kit for drawing design applications from Open Design Alliance, Inc. The package provides access to data in .dwg and .dgn through a convenient, object-oriented API, providing a C API, support for repair files, support for the . This...

7.8 CVSS · 6.1 AI score · 0.00418 EPSS
Exploits 0 · References 4