Количество 314 458
Количество 314 458
GHSA-3rf4-hfh4-9ww3
There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.
GHSA-3rf4-9569-4jw7
The donote function in readelf.c in file through 5.20, as used in the Fileinfo component in PHP 5.4.34, does not ensure that sufficient note headers are present, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.
GHSA-3rf3-mp77-8jf5
cPanel before 60.0.25 allows file-create and file-chmod operations during ModSecurity Audit logfile processing (SEC-165).
GHSA-3rf3-8wmx-cm8q
In the Linux kernel, the following vulnerability has been resolved: net: fix __dst_negative_advice() race __dst_negative_advice() does not enforce proper RCU rules when sk->dst_cache must be cleared, leading to possible UAF. RCU rules are that we must first clear sk->sk_dst_cache, then call dst_release(old_dst). Note that sk_dst_reset(sk) is implementing this protocol correctly, while __dst_negative_advice() uses the wrong order. Given that ip6_negative_advice() has special logic against RTF_CACHE, this means each of the three ->negative_advice() existing methods must perform the sk_dst_reset() themselves. Note the check against NULL dst is centralized in __dst_negative_advice(), there is no need to duplicate it in various callbacks. Many thanks to Clement Lecigne for tracking this issue. This old bug became visible after the blamed commit, using UDP sockets.
GHSA-3rf2-rmw5-85x7
A code injection vulnerability allows adjacent attackers to execute code in the Wifi controller of Sophos Firewall older than version 19.5 GA.
GHSA-3rcx-pwrp-rjr2
LB-LINK BL-W1210M v2.0 was discovered to store user credentials in plaintext within the router's firmware.
GHSA-3rcx-3jjf-g7cq
Buffer overflow in VideoCharge Software Watermark Master 2.2.23 allows remote attackers to execute arbitrary code via a long string in the SourcePath value in a .wcf file.
GHSA-3rcw-vw36-hw68
udirectory.pl in Microburst Technologies uDirectory 2.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the category_file field.
GHSA-3rcw-9p9x-582v
Code injection in `saved_model_cli`
GHSA-3rcv-mwcm-8g8f
A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root (CAP_SYS_ADMIN) access is able to panic the system when issuing netfilter netflow commands.
GHSA-3rcv-jp3w-f98g
The Node Reference module in Content Construction Kit (CCK) module 6.x before 6.x-2.7 for Drupal does not perform access checks for the source field in the backend URL for the autocomplete widget, which allows remote attackers to discover titles and IDs of controlled nodes.
GHSA-3rcv-jmj4-w65f
In NOKIA NFM-T R19.9, a SQL Injection vulnerability occurs in /cgi-bin/R19.9/easy1350.pl of the VM Manager WebUI via the id or host HTTP GET parameter. An authenticated attacker is required for exploitation.
GHSA-3rcq-vwx7-jh65
Notable v1.8.4 does not filter text editing, allowing attackers to execute arbitrary code via a crafted payload injected into the Title text field.
GHSA-3rcq-39xp-7xjp
ic-stable-structures vulnerable to BTreeMap memory leak when deallocating nodes with overflows
GHSA-3rcp-jp25-8fmh
A vulnerability was identified in MediaCrush 1.0.0/1.0.1. The affected element is an unknown function of the file /mediacrush/paths.py of the component Header Handler. Such manipulation of the argument Host leads to improper neutralization of http headers for scripting syntax. The attack can be launched remotely.
GHSA-3rcm-mfq3-5m2c
PHP remote file inclusion vulnerability in lib/onguma.class.php in the Onguma Time Sheet (com_ongumatimesheet20) 2.0 4b component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
GHSA-3rcm-9xw5-hpx9
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
GHSA-3rcm-33w6-82vp
baijiacms V3 has physical path leakage via an index.php?mod=mobile&name=member&do=index request.
GHSA-3rcg-83x5-6r67
Memory corruption while processing a video session to set video parameters.
GHSA-3rcg-456g-86p6
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in session logoff The sess->user object can currently be in use by another thread, for example if another connection has sent a session setup request to bind to the session being free'd. The handler for that connection could be in the smb2_sess_setup function which makes use of sess->user.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
GHSA-3rf4-hfh4-9ww3 There is an Input verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability. | 0% Низкий | больше 3 лет назад | ||
GHSA-3rf4-9569-4jw7 The donote function in readelf.c in file through 5.20, as used in the Fileinfo component in PHP 5.4.34, does not ensure that sufficient note headers are present, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file. | 10% Средний | больше 3 лет назад | ||
GHSA-3rf3-mp77-8jf5 cPanel before 60.0.25 allows file-create and file-chmod operations during ModSecurity Audit logfile processing (SEC-165). | CVSS3: 8.1 | 0% Низкий | больше 3 лет назад | |
GHSA-3rf3-8wmx-cm8q In the Linux kernel, the following vulnerability has been resolved: net: fix __dst_negative_advice() race __dst_negative_advice() does not enforce proper RCU rules when sk->dst_cache must be cleared, leading to possible UAF. RCU rules are that we must first clear sk->sk_dst_cache, then call dst_release(old_dst). Note that sk_dst_reset(sk) is implementing this protocol correctly, while __dst_negative_advice() uses the wrong order. Given that ip6_negative_advice() has special logic against RTF_CACHE, this means each of the three ->negative_advice() existing methods must perform the sk_dst_reset() themselves. Note the check against NULL dst is centralized in __dst_negative_advice(), there is no need to duplicate it in various callbacks. Many thanks to Clement Lecigne for tracking this issue. This old bug became visible after the blamed commit, using UDP sockets. | CVSS3: 7.8 | 1% Низкий | больше 1 года назад | |
GHSA-3rf2-rmw5-85x7 A code injection vulnerability allows adjacent attackers to execute code in the Wifi controller of Sophos Firewall older than version 19.5 GA. | CVSS3: 8.8 | 0% Низкий | около 3 лет назад | |
GHSA-3rcx-pwrp-rjr2 LB-LINK BL-W1210M v2.0 was discovered to store user credentials in plaintext within the router's firmware. | CVSS3: 9.8 | 0% Низкий | больше 1 года назад | |
GHSA-3rcx-3jjf-g7cq Buffer overflow in VideoCharge Software Watermark Master 2.2.23 allows remote attackers to execute arbitrary code via a long string in the SourcePath value in a .wcf file. | 65% Средний | больше 3 лет назад | ||
GHSA-3rcw-vw36-hw68 udirectory.pl in Microburst Technologies uDirectory 2.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the category_file field. | 7% Низкий | почти 4 года назад | ||
GHSA-3rcw-9p9x-582v Code injection in `saved_model_cli` | CVSS3: 7.5 | 0% Низкий | около 4 лет назад | |
GHSA-3rcv-mwcm-8g8f A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root (CAP_SYS_ADMIN) access is able to panic the system when issuing netfilter netflow commands. | 0% Низкий | больше 3 лет назад | ||
GHSA-3rcv-jp3w-f98g The Node Reference module in Content Construction Kit (CCK) module 6.x before 6.x-2.7 for Drupal does not perform access checks for the source field in the backend URL for the autocomplete widget, which allows remote attackers to discover titles and IDs of controlled nodes. | 1% Низкий | больше 3 лет назад | ||
GHSA-3rcv-jmj4-w65f In NOKIA NFM-T R19.9, a SQL Injection vulnerability occurs in /cgi-bin/R19.9/easy1350.pl of the VM Manager WebUI via the id or host HTTP GET parameter. An authenticated attacker is required for exploitation. | CVSS3: 8.8 | 0% Низкий | около 2 лет назад | |
GHSA-3rcq-vwx7-jh65 Notable v1.8.4 does not filter text editing, allowing attackers to execute arbitrary code via a crafted payload injected into the Title text field. | CVSS3: 9.8 | 1% Низкий | почти 4 года назад | |
GHSA-3rcq-39xp-7xjp ic-stable-structures vulnerable to BTreeMap memory leak when deallocating nodes with overflows | CVSS3: 5.9 | 0% Низкий | больше 1 года назад | |
GHSA-3rcp-jp25-8fmh A vulnerability was identified in MediaCrush 1.0.0/1.0.1. The affected element is an unknown function of the file /mediacrush/paths.py of the component Header Handler. Such manipulation of the argument Host leads to improper neutralization of http headers for scripting syntax. The attack can be launched remotely. | CVSS3: 7.3 | 0% Низкий | 2 месяца назад | |
GHSA-3rcm-mfq3-5m2c PHP remote file inclusion vulnerability in lib/onguma.class.php in the Onguma Time Sheet (com_ongumatimesheet20) 2.0 4b component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | 8% Низкий | больше 3 лет назад | ||
GHSA-3rcm-9xw5-hpx9 Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | CVSS3: 8.2 | 0% Низкий | почти 2 года назад | |
GHSA-3rcm-33w6-82vp baijiacms V3 has physical path leakage via an index.php?mod=mobile&name=member&do=index request. | CVSS3: 5.3 | 0% Низкий | больше 3 лет назад | |
GHSA-3rcg-83x5-6r67 Memory corruption while processing a video session to set video parameters. | CVSS3: 7.8 | 0% Низкий | около 1 месяца назад | |
GHSA-3rcg-456g-86p6 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in session logoff The sess->user object can currently be in use by another thread, for example if another connection has sent a session setup request to bind to the session being free'd. The handler for that connection could be in the smb2_sess_setup function which makes use of sess->user. | CVSS3: 7.8 | 0% Низкий | 9 месяцев назад |
Уязвимостей на страницу