14 matches found
@internxt/cli (>=1.0.5 <=1.2.2), @latitude-data/cli (>=0.0.29 <=1.11.0-canary.8) +18 more potentially affected by CVE-2026-34043 via serialize-javascript (>=7.0.0 <=7.0.4)
serialize-javascript NPM version =7.0.0, =1.0.5, =0.0.29, =1.23.0-beta.0, =1.23.0-beta.0, =1.23.0-beta.0, =1.23.0-beta.0, =18.33.0, =0.7.5, =0.9.8, =0.15.8, =1.3.0, =0.1.0, =0.1.49 and more Source cves: CVE-2026-34043 Source advisory: SNYK:JS-SERIALIZEJAVASCRIPT-15809196...
Linux Distros Unpatched Vulnerability : CVE-2021-21441
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a XSS vulnerability in the ticket overview screens. It's possible to collect various information by having an e-mail shown in the overview screen. Atta...
QEMU 代码问题漏洞
QEMU Quick Emulator is a set of simulation processor software by Fabrice Bellard, a French individual developer. The software is fast and cross-platform. A code issue vulnerability exists in QEMU rocker device model 7.0.0 and earlier versions, which stems from a null pointer dereference issue in...
UBUNTU-CVE-2023-38060
Improper Input Validation vulnerability in the ContentType parameter for attachments on TicketCreate or TicketUpdate operations of the OTRS Generic Interface modules allows any authenticated attacker to to perform an host header injection for the ContentType header of the attachment. This issue...
CVE-2023-32448
PowerPath for Windows, versions 7.0, 7.1 & 7.2 contains License Key Stored in Cleartext vulnerability. A local user with access to the installation directory can retrieve the license key of the product and use it to install and license PowerPath on different systems...
UBUNTU-CVE-2023-21990
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...
Oracle Virtualization 安全漏洞
Oracle Virtualization is a set of virtualization solutions from Oracle Corporation. The product is used to unify the management of the entire hardware and software architecture from applications to disks, enabling virtualization from the desktop to the data center.VM VirtualBox is one of the...
CVE-2022-1731
Metasonic Doc WebClient 7.0.14.0 / 7.0.12.0 / 7.0.3.0 is vulnerable to a SQL injection attack in the username field. SSO or System authentication are required to be enabled for vulnerable conditions to exist...
PT-2022-12153 · Fis +3 · Fis Gt.M +3
Name of the Vulnerable Software and Affected Versions: FIS GT.M versions through V7.0-000 Description: The issue is related to a lack of input validation in calls to do verify in sr unix/do verify.c, which allows attackers to attempt to jump to a NULL pointer by corrupting a function pointer...
LibreOffice 安全漏洞
LibreOffice is an open source office software suite from The Document Foundation tdf. The product includes applications such as Writer text documents, Calc spreadsheets and Impress presentations. A security vulnerability exists in LibreOffice that allows remote attackers to bypass implemented...
CVE-2019-2044
In MakeMPG4VideoCodecSpecificData of APacketSource.cpp, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote code execution in the media server with no additional execution privileges needed. User interaction is needed for exploitation. Product:...
JDK: DoS in the java.math component
A flaw in the java.math component in IBM SDK, Java Technology Edition 6.0, 7.0, and 8.0 may allow an attacker to inflict a denial-of-service attack with specially crafted String data. IBM X-Force ID: 141681...
Google Android System Information Disclosure Vulnerability (CNVD-2018-16197)
Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. An information disclosure vulnerability exists in the System component of Google Android versions 7.0, 7.1.1, 7.1.2, 8.0, and 8.1. An attacker can exploit this...
DEBIAN-CVE-2018-1000101
Mingw-w64 version 5.0.3 and earlier, 5.0.4, 6.0.0 and 7.0.0 contains an Improper Null Termination CWE-170 vulnerability in mingw-w64-crt libc-vsnprintf that can result in The bug may be used to corrupt subsequent string functions. This attack appear to be exploitable via Depending on the usage,...