CVE-2021-46052
A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::Tuple::validate...
UBUNTU-CVE-2021-46052
A Denial of Service vulnerability exists in Binaryen 104 due to an assertion abort in wasm::Tuple::validate...
Binaryen Security Vulnerability
Binaryen is a compiler infrastructure and toolchain library for WebAssembly written in C++. A denial of service vulnerability exists in Binaryen version 104, which stems from an assertion abort in wasm::Tuple::validate, and could be exploited by an attacker to cause a denial of servi...
CVE-2021-46052
CVE-2021-46052 concerns a Denial of Service in Binaryen 104 caused by an assertion abort in wasm::Tuple::validate. The vulnerability is triggered within the Binaryen project’s WebAssembly tooling, with no public details on exploit specifics, vectors, or affected subversions beyond version 104. Th...
PT-2025-7997
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.15.30. Description: A general protection fault was observed in the Linux kernel when running WebGL Aquarium for an extended duration. The issue is related to the drm/amd/display component and the dcn30 internal...
UBUNTU-CVE-2021-21708
In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter functions with FILTER_VALIDATE_FLOAT filter and min/max limits, if the filter fails, there is a possibility to trigger use of allocated memory after free, which can result in crashes, and potentially in...
GSD-2021-1002688 mac80211: validate extended element ID is present
mac80211: validate extended element ID is present This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.88 by commit...
Bentley View JT File Parsing Stack Buffer Overflow Remote Code Execution Vulnerability
Bentley View is a free viewer from Bentley Systems, Inc. Bentley View JT file parsing stack buffer overflow remote code execution vulnerability is due to failure to properly validate the length of user-supplied data before copying it to the stack buffer. An attacker could exploit this vulnerabili...
GSD-2021-1002230 usb: host: ohci-tmio: check return value after calling platform_get_resource()
usb: host: ohci-tmio: check return value after calling platform_get_resource() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.291 by commit...
OSV-2021-1592 Heap-buffer-overflow in arrow::internal::ValidateArrayImpl::Visit
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41143 Crash type: Heap-buffer-overflow READ 4 Crash state: arrow::internal::ValidateArrayImpl::Visit arrow::internal::ValidateArrayImpl::ValidateWithType arrow::internal::ValidateArrayImpl::Validate...
CVE-2021-26326
CVE-2021-26326 describes a failure to validate VM_HSAVE_PA during SNP_INIT that can compromise memory integrity on AMD platforms. Public details in connected sources indicate the vulnerability affects AMD 3rd Gen EPYC processors (Milan) per the AMD Server Vulnerabilities bulletin AMD-SB-1021, wit...
Backup and Restore <= 1.0.3 - Admin+ Arbitrary File Deletion
The plugin does not sanitise and validate the foldername parameter when deleting a report, which could allow high privilege users to delete arbitrary files on the web server, including those outside of the WordPress folder PoC POST /wp-admin/admin-ajax.php HTTP/1.1 Accept: / Accept-Language:...
CVE-2021-39121
Affected versions of Atlassian Jira Server and Data Center allow authenticated remote attackers to enumerate the keys of private Jira projects via an Information Disclosure vulnerability in the /rest/api/latest/projectvalidate/key endpoint. The affected versions are before version 8.5.18, from...
ZOHO ManageEngine Log360 Cross-Site Scripting Vulnerability
ZOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. A cross-site scripting vulnerability exists in ZOHO ManageEngine Log360, which stems from the product's failure to validate user data. An attacker could execute client-side...
Cross-site Scripting (XSS) - Stored in leantime/leantime
✍️ Description Stored XSS bug using an XSS payload in the Ideas area when adding a comment in the discussion area 🕵️♂️ Proof of Concept Go to http://localhost/ideas/showBoards and click on add an idea and copy paste the following XSS payload in the discussion field javascript " Click on safe and see...
PYSEC-2021-768
TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in all operations of type tf.raw_ops.MatrixDiagV. The implementation has incomplete validation that the value of k is a valid...