13 matches found
CVE-2025-14986 ExecuteMultiOperation Namespace Policy Bypass
When frontend.enableExecuteMultiOperation is enabled, the server can apply namespace-scoped validation and feature gates for the embedded StartWorkflowExecutionRequest using its Namespace field rather than the outer, authorized ExecuteMultiOperationRequest.Namespace. This allows a caller authoriz...
EUVD-2020-29512
Malware in sbrugna...
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
envoy: Incorrect Access Control when using SDS with Combined Validation Context
An access control bypass vulnerability was found in envoy. When the same TLS secret is used across multiple resources, the client's data, such as the subject alternative name or hash, is not validated. This flaw could lead to a possible bypass of security restrictions...
CVE-2020-8664
CNCF Envoy through 1.13.0 has incorrect Access Control when using SDS with Combined Validation Context. Using the same secret e.g. trusted CA across many resources together with the combined validation context could lead to the “static” part of the validation context to be not applied, even thoug...
CVE-2020-8664
CNCF Envoy through 1.13.0 has incorrect Access Control when using SDS with Combined Validation Context. Using the same secret e.g. trusted CA across many resources together with the combined validation context could lead to the “static” part of the validation context to be not applied, even thoug...
Design/Logic Flaw
CNCF Envoy through 1.13.0 has incorrect Access Control when using SDS with Combined Validation Context. Using the same secret e.g. trusted CA across many resources together with the combined validation context could lead to the “static” part of the validation context to be not applied, even thoug...
CVE-2020-8664
CNCF Envoy through 1.13.0 has incorrect Access Control when using SDS with Combined Validation Context. Using the same secret e.g. trusted CA across many resources together with the combined validation context could lead to the “static” part of the validation context to be not applied, even thoug...
CVE-2020-8664
CVE-2020-8664 is reported in the Red Hat OpenShift Service Mesh 1.0.9 servicemesh-proxy advisory (RHSA-2020:0734). The issue is an incorrect Access Control when using SDS with a Combined Validation Context in Envoy, which could affect access controls across multiple resources and is one of severa...
CVE-2018-16767
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in FunctionValidationContext::popAndValidateOperand...
CVE-2018-16764
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because of an IR::FunctionValidationContext::catchall heap-based buffer over-read...
WAVM Buffer Overflow Vulnerability (CNVD-2019-09770)
WAVM is the WebAssembly Virtual Machine. A heap buffer overflow vulnerability exists in IR::FunctionValidationContext::end in WAVM 2018-07-26 and earlier versions, which can be exploited by an attacker to cause a denial of service application crash by sending a specially crafted file...
WAVM Buffer Overflow Vulnerability
WAVM is the WebAssembly Virtual Machine. A buffer overflow vulnerability exists in the 'FunctionValidationContext::popAndValidateOperand' function in WAVM 2018-07-26 and earlier versions, which can be exploited by an attacker by sending a specially crafted file to WAVM This can be exploited to...