2206 matches found
CVE-2020-26237
Highlight.js vulnerability CVE-2020-26237: Prototype Pollution in versions before 9.18.2 and 10.1.2 (and older); a malicious HTML block could pollute Object.prototype during highlighting. Upstream fixes exist in 9.18.2+, 10.1.2+, and newer. Debian/OSS advisories also reference updates; remediatio...
OpenLDAP Certificate List Syntax Denial of Service Vulnerability
OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol LDAP from the OpenLDAP Foundation in the United States. A denial of service vulnerability exists in OpenLDAP Certificate List Syntax, which can be exploited by an attacker to trigger a denial of service by...
OpenLDAP 安全漏洞
OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol LDAP from the OpenLDAP Foundation in the United States. A denial of service vulnerability exists in OpenLDAP Certificate List Syntax, which can be exploited by an attacker to trigger a denial of service by...
CVE-2017-18926
raptorxmlwriterstartelementcommon in raptorxmlwriter.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows sometimes seen in raptorqnameformatasxml...
CVE-2017-18926
raptorxmlwriterstartelementcommon in raptorxmlwriter.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows sometimes seen in raptorqnameformatasxml...
CVE-2017-18926
raptorxmlwriterstartelementcommon in raptorxmlwriter.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows sometimes seen in raptorqnameformatasxml...
Heap overflow
raptorxmlwriterstartelementcommon in raptorxmlwriter.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows sometimes seen in raptorqnameformatasxml...
CVE-2017-18926
raptorxmlwriterstartelementcommon in raptorxmlwriter.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows sometimes seen in raptorqnameformatasxml...
CVE-2017-18926
raptorxmlwriterstartelementcommon in raptorxmlwriter.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows sometimes seen in raptorqnameformatasxml...
CVE-2017-18926
raptorxmlwriterstartelementcommon in raptorxmlwriter.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows sometimes seen in raptorqnameformatasxml...
CVE-2017-18926
CVE-2017-18926 affects Raptor RDF Syntax Library 2.0.15, where raptor_xml_writer_start_element_common miscalculates the maximum number of XML namespace declarations, causing heap-based buffer overflows (observed with raptor_qname_format_as_xml). The connected Nessus advisories show the issue impa...
CVE-2017-18926
raptorxmlwriterstartelementcommon in raptorxmlwriter.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows sometimes seen in raptorqnameformatasxml...
Mozilla Network Security Services Code Issue Vulnerability
Network Security Services NSS is a set of libraries for cross-platform development of security-enabled client and server applications compiled with NSS to support security standards such as SSLv2, SSLv3, TLS, etc. NSS is an underlying cryptography library from the Mozilla Foundation. NSS is an...
RLSA-2020:4539 Moderate: pcre2 security and enhancement update
The pcre2 package contains a new generation of the Perl Compatible Regular Expression libraries for implementing regular expression pattern matching using the same syntax and semantics as Perl. Security Fixes: pcre: Out of bounds read in JIT mode when \X is used in non-UTF mode CVE-2019-20454 For...
Fedora: Security Advisory for gitit (FEDORA-2020-1eaffe0013)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 31 Update: gitit-0.12.3.2-4.fc31
Gitit is a wiki backed by a git, darcs, or mercurial filestore. Pages and uploaded files can be modified either directly via the VCS's command-line t ools or through the wiki's web interface. Pandoc is used for markup processing, so pages may be written in extended markdown, reStructuredText,...
[SECURITY] Fedora 32 Update: gitit-0.12.3.2-6.fc32
Gitit is a wiki backed by a git, darcs, or mercurial filestore. Pages and uploaded files can be modified either directly via the VCS's command-line t ools or through the wiki's web interface. Pandoc is used for markup processing, so pages may be written in extended markdown, reStructuredText,...
CVE-2020-15228
In the @actions/core npm module before version 1.2.6,addPath and exportVariable functions communicate with the Actions Runner over stdout by generating a string in a specific format. Workflows that log untrusted data to stdout may invoke these commands, resulting in the path or environment...
Design/Logic Flaw
In the @actions/core npm module before version 1.2.6,addPath and exportVariable functions communicate with the Actions Runner over stdout by generating a string in a specific format. Workflows that log untrusted data to stdout may invoke these commands, resulting in the path or environment...
Environment Variable Injection in GitHub Actions
Impact The @actions/core npm module addPath and exportVariable functions communicate with the Actions Runner over stdout by generating a string in a specific format. Workflows that log untrusted data to stdout may invoke these commands, resulting in the path or environment variables being modifie...