6 matches found
CVE-2025-48888 Deno run with --allow-read and --deny-read flags results in allowed
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Starting in version 1.41.3 and prior to versions 2.1.13, 2.2.13, and 2.3.2, deno run --allow-read --deny-read main.ts results in allowed, even though 'deny' should be stronger. The result is the same with all global unary permissions give...
CVE-2025-30213 Frappe has Possibility of Remote Code Execution due to improper validation
Frappe is a full-stack web application framework. Prior to versions 14.91.0 and 15.52.0, a system user was able to create certain documents in a specific way that could lead to remote code execution. Versions 14.9.1 and 15.52.0 contain a patch for the vulnerability. There's no workaround; an...
CVE-2022-39344
Azure RTOS USBX is a USB host, device, and on-the-go OTG embedded stack, that is fully integrated with Azure RTOS ThreadX. Prior to version 6.1.12, the USB DFU UPLOAD functionality may be utilized to introduce a buffer overflow resulting in overwrite of memory contents. In particular cases this m...
Exploit for Path Traversal in Vmware Cloud_Foundation
CVE-2021-21972 Vulnerability Description CVE-2021-21972:...
[SECURITY] [DSA 682-1] New awstats packages fix arbitrary command execution
Debian Security Advisory DSA 682-1 [email protected] http://www.debian.org/security/ Martin Schulze February 15th, 2005 http://www.debian.org/security/faq -...
DSA-248 hypermail - buffer overflows
Bulletin has no description...