1230 matches found
CVE-2022-0213
vim is vulnerable to Heap-based Buffer Overflow...
roaring-landmask (=0.4.0) potentially affected by CVE-2021-4044 via openssl-src (=300.0.0+3.0.0)
openssl-src CARGO version =300.0.0+3.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on openssl-src and may be impacted: - roaring-landmask =0.4.0 Source cves: CVE-2021-4044 Source advisory: OSV:GHSA-MMJF-F5JW-W72Q...
CVE-2021-39183
Owncast is an open source, self-hosted live video streaming and chat server. In affected versions inline scripts are executed when Javascript is parsed via a paste action. This issue is patched in 0.0.9 by blocking unsafe-inline Content Security Policy and specifying the script-src. The worker-sr...
Buffer overflow
Owncast is an open source, self-hosted live video streaming and chat server. In affected versions inline scripts are executed when Javascript is parsed via a paste action. This issue is patched in 0.0.9 by blocking unsafe-inline Content Security Policy and specifying the script-src. The worker-sr...
Fortinet FortiOS has an unspecified vulnerability (CNVD-2022-06912)
Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform from Fortinet, a US-based company. The system provides users with a variety of security features such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. Fortinet FortiOS ha...
Vim memory mis-reference vulnerability
Vim is a UNIX-based editor. Vim is vulnerable to a memory mis-reference vulnerability in the ex_open function in src/ex_docmd.c, which could be exploited to cause a denial of service or code execution...
PT-2021-6889 · Fortinet · Fortios
Name of the Vulnerable Software and Affected Versions: FortiOS versions prior to 7.0.3 Description: A download of code without integrity check vulnerability in the "execute restore src-vis" command may allow a local authenticated attacker to download arbitrary files on the device via specially...
VulnCheck KEV: CVE-2021-44168
Fortinet FortiOS "execute restore src-vis" downloads code without integrity checking, allowing an attacker to arbitrarily download files...
CVE-2020-36129
AOM v2.0.1 was discovered to contain a stack buffer overflow via the component src/aom_image.c...
CVE-2020-36129
CVE-2020-36129 affects AOM/libaom v2.0.1 with a stack buffer overflow in src/aom_image.c. CVSSv3.1 base 8.8 (network, high impact). Connected sources confirm patched updates across multiple distributions: openSUSE/SUSE advisories (openSUSE-SU-2021:1624-1; openSUSE update notes) and GLSA/Mageia ad...
CVE-2021-43690
YurunProxy v0.01 is affected by a Cross Site Scripting (XSS) vulnerability in src/Client.php. The root cause is the exit function terminating the script and printing a message that contains data read from a socket (socket_read). This can lead to reflected or stored XSS depending on how the messag...
CVE-2021-43690
YurunProxy v0.01 is affected by a Cross Site Scripting (XSS) vulnerability in src/Client.php. The exit function will terminate the script and print a message which has values from socket_read...
Path traversal
tripexpress v1.1 is affected by a path manipulation vulnerability in file system/helpers/dompdf/loadfont.php. The variable src comes from $_SERVER["argv"], which leads to a path manipulation vulnerability...
Design/Logic Flaw
The package algoliasearch-helper before 3.6.2 is vulnerable to Prototype Pollution due to use of the merge function in src/SearchParameters/index.js (SearchParameters.parseNumbers) without any protection against prototype properties. Note that this vulnerability is only exploitable if the...
libsolv: heap-based buffer overflow in testcase_read() in src/testcase.c
A flaw was found in libsolv. A buffer overflow vulnerability could cause a denial of service. The highest threat from this vulnerability is to system availability...
RHEL 8 : libsolv (RHSA-2021:4060)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4060 advisory. The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. Security Fixes: libsolv:...