5 matches found
Audiobookshelf 跨站脚本漏洞
Audiobookshelf is an open-source, self-hosted server for audio books and podcasts. Versions of Audiobookshelf prior to 2.32.0 contained a cross-site scripting vulnerability. This vulnerability was caused by malicious library metadata, leading to storage-based cross-site scripting, which could...
webkitgtk: Logic issue leading to arbitrary code execution
A logic issue was found in WebKitGTK and WPE WebKit in versions prior to 2.32.0. A remote attacker may be able to cause arbitrary code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
CVE-2023-22366
CX-Motion-MCH v2.32 and earlier contains an access of uninitialized pointer vulnerability. Having a user to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution...
The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller leading to a denial of service (application crash) or possibly unspecified other impact.
...
GNU Binutils Excessive Memory Allocation Attempt Vulnerability
GNU Binutils is a set of programming tools for creating and managing binary programs, object files, libraries, profile data and assembly source code. An excessive memory allocation attempt vulnerability exists in elfreadnotes in elf.c in the Binary File Descriptor BFD library known as libbfd used...