20 matches found
EUVD-2022-34101
Malicious code in bioql PyPI...
GHSA-XW5J-GV2G-MJM2 Miscompilation in cortex-m-rt 0.7.1 and 0.7.2
Version 0.7.1 of the cortex-m-rt crate introduced a regression causing the stack to NOT be eight-byte aligned prior to calling main or any other specified entrypoint, violating the stack ABI of AAPCS32, the default ABI used by all Cortex-M targets. This regression is also present in version 0.7.2...
CVE-2022-46146 Prometheus Exporter Toolkit vulnerable to basic authentication bypass
Prometheus Exporter Toolkit is a utility package to build exporters. Prior to versions 0.7.2 and 0.8.2, if someone has access to a Prometheus web.yml file and users' bcrypted passwords, they can bypass security by poisoning the built-in authentication cache. Versions 0.7.2 and 0.8.2 contain a fix...
CVE-2022-32414
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_vmcode_interpreter at src/njs_vmcode.c...
CVE-2022-31307
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_string_offset at src/njs_string.c...
CVE-2022-31306
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_array_convert_to_slow_array at src/njs_array.c...
CVE-2022-32414
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_vmcode_interpreter at src/njs_vmcode.c...
CVE-2022-31307
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_string_offset at src/njs_string.c...
Code injection
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_string_offset at src/njs_string.c...
Design/Logic Flaw
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_vmcode_interpreter at src/njs_vmcode.c...
CVE-2022-32414
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_vmcode_interpreter at src/njs_vmcode.c...
CVE-2022-31307
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_string_offset at src/njs_string.c...
CVE-2022-29779
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_value_own_enumerate at src/njs_value.c...
Design/Logic Flaw
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_set_number at src/njs_value.h...
CVE-2022-29780
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_array_prototype_sort at src/njs_array.c...
CVE-2022-29779
CVE-2022-29779 affects Nginx NJS v0.7.2. The issue is a segmentation violation in the function njs_value_own_enumerate located in src/njs_value.c. This vulnerability can cause a denial of service. No exploitation details or fixes are provided in the available documents; remediation/fix status is...
CVE-2022-28927
A remote code execution (RCE) vulnerability in Subconverter v0.7.2 allows attackers to execute arbitrary code via crafted config and url parameters...
Remote code execution
A remote code execution (RCE) vulnerability in Subconverter v0.7.2 allows attackers to execute arbitrary code via crafted config and url parameters...
CVE-2022-28927
A remote code execution (RCE) vulnerability in Subconverter v0.7.2 allows attackers to execute arbitrary code via crafted config and url parameters...
PYSEC-2021-860
Croatia Control Asterix 2.8.1 (python_v0.7.2) has a heap-based buffer over-read, with additional details to be disclosed at a later date...