IBM Db2 安全漏洞

IBM Db2 is a relational database management system developed by IBM. Versions 11.5.0 to 11.5.9 and 12.1.0 to 12.1.3 of IBM Db2 contain security vulnerabilities. These vulnerabilities stem from improper allocation of system resources, which may allow authenticated users to cause denial-of-service...

mercurius has Uncaught Exception when using subscriptions

Impact Any users of Mercurius until version v11.5.0 are subjected to a denial of service attack by sending a malformed packet over WebSocket to /graphql. Patches This was patched in https://github.com/mercurius-js/mercurius/pull/940. The patch was released as v11.5.0 and v8.13.2. Workarounds...

CVE-2021-46333

Moddable SDK v11.5.0 was discovered to contain an invalid memory access vulnerability via the component asanmemmove...

CVE-2021-46328

Moddable SDK v11.5.0 was discovered to contain a heap-buffer-overflow via the component libcstartmain...

CVE-2021-46334

Moddable SDK v11.5.0 was discovered to contain a stack buffer overflow via the component interceptorstrcat...

CVE-2021-46329

Moddable SDK v11.5.0 was discovered to contain a SEGV vulnerability via the component fini...

CVE-2021-46331

Moddable SDK v11.5.0 was discovered to contain a SEGV vulnerability via xs/sources/xsProxy.c in fxProxyGetPrototype...

CVE-2021-46330

Moddable SDK v11.5.0 was discovered to contain a SEGV vulnerability via xs/sources/xsDataView.c in fxArrayBufferprototypeconcat...

Stack overflow

Moddable SDK v11.5.0 was discovered to contain a stack buffer overflow via the component interceptorstrcat...

Heap overflow

Moddable SDK v11.5.0 was discovered to contain a heap-buffer-overflow via xs/sources/xsDataView.c in fxUint8Getter...

Design/Logic Flaw

Moddable SDK v11.5.0 was discovered to contain a SEGV vulnerability via the component fini...

Heap overflow

Moddable SDK v11.5.0 was discovered to contain a heap-buffer-overflow via the component asanmemcpy...

Code injection

Moddable SDK v11.5.0 was discovered to contain a SEGV vulnerability via xs/sources/xsArray.c in fxArrayprototypesort...

Design/Logic Flaw

Moddable SDK v11.5.0 was discovered to contain an invalid memory access vulnerability via the component asanmemmove...

CVE-2021-46334

Moddable SDK v11.5.0 contains a stack buffer overflow in the __interceptor_strcat component caused by a boundary error when handling untrusted input. The CVE-2021-46334 entry specifies that this could allow remote code execution, with CVSS indicators in public references showing a potentially imp...

CVE-2021-46334

Moddable SDK v11.5.0 was discovered to contain a stack buffer overflow via the component interceptorstrcat...

CVE-2021-46335

Moddable SDK v11.5.0 was discovered to contain a NULL pointer dereference in the component fxFunctionprototypehasInstance...

CVE-2021-46333

CVE-2021-46333 affects Moddable SDK v11.5.0. The root cause is an invalid memory access in the component __asan_memmove . Multiple connected sources describe this issue (e.g., CNVD-2022-08359; NVD entry) and note potential impact to availability. The documents do not provide exploit details or a ...

CVE-2021-46333

Moddable SDK v11.5.0 was discovered to contain an invalid memory access vulnerability via the component asanmemmove...

CVE-2021-46331

Moddable SDK v11.5.0 was discovered to contain a SEGV vulnerability via xs/sources/xsProxy.c in fxProxyGetPrototype...