Dgraph 安全漏洞

Dgraph is an open-source, horizontally scalable distributed GraphQL database with a graphical backend. Versions of Dgraph prior to 25.3.3 contained a security vulnerability. This vulnerability stemmed from the cond field in upsert mutations not being escaped or parameterized, allowing...

EUVD-2023-44315

Malicious code in bioql PyPI...

Grub2: romfs: integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading dat

...

Grub2: squash4: integer overflow may lead to heap based out-of-bounds write when reading data

...

Qualcomm Chipsets 缓冲区错误漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A buffer error vulnerability exists in Qualcomm Chipsets, which stems from the fact that reading data from an image using specified offset and size parameters could lead to information disclosure...

CVE-2023-3675

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Secomea GateManager Web GUI allows Reading Data from System Resources.This issue affects GateManager: from 11.0.623074018 before 11.0.623373051...

CVE-2023-3675

CVE-2023-3675 affects Secomea GateManager (Web GUI). The issue is a path traversal vulnerability in GateManager that allows reading data from system resources. Affected versions are 11.0.623074018 up to, but not including, 11.0.623373051. The Root Cause and Verified Impact are described as improp...

CVE-2023-3675 Insufficient input validation when downloading certain file types.

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Secomea GateManager Web GUI allows Reading Data from System Resources.This issue affects GateManager: from 11.0.623074018 before 11.0.623373051...

SUSE CVE-2020-35533

In LibRaw, an out-of-bounds read vulnerability exists within the "LibRaw::adobecopypixel" function libraw\src\decoders\dng.cpp when reading data from the image file...

CVE-2013-5653

The getenv and filenameforall functions in Ghostscript 9.10 ignore the "-dSAFER" argument, which allows remote attackers to read data via a crafted postscript file...

Adobe Flash Player SWF File Handling Local Information Disclosure Vulnerability

Adobe Flash Player is a cross-platform, browser-based multimedia player product from the American company Adobe. Adobe Flash Player suffers from an information disclosure vulnerability in the handling of swf files, which can be exploited by remote attackers to construct malicious content and tric...

UBUNTU-CVE-2014-8161

PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to obtain sensitive column values by triggering constraint violation and then reading the error message...