| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Improper Validation of Specified Quantity in Input in Packagist dolibarr/dolibarr prior to 16.0. |
| Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. |
| An out-of-bounds read vulnerability was discovered in linux kernel in the smc protocol stack, causing remote dos. |
| Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. |
| Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. |
| Improper Neutralization of Special Elements Used in a Template Engine in Packagist mustache/mustache prior to 2.14.1. |
| Out-of-bounds Read in vim/vim prior to 8.2. |
| Heap-based Buffer Overflow in vim/vim prior to 8.2. |
| A heap-based-buffer-over-read flaw was found in ImageMagick's GetPixelAlpha() function of 'pixel-accessor.h'. This vulnerability is triggered when an attacker passes a specially crafted Tagged Image File Format (TIFF) image to convert it into a PICON file format. This issue can potentially lead to a denial of service and information disclosure. |
| The check_privacy_settings AJAX action of the WordPress GDPR WordPress plugin before 1.9.27, available to both unauthenticated and authenticated users, responds with JSON data without an "application/json" content-type. Since an HTML payload isn't properly escaped, it may be interpreted by a web browser led to this endpoint. Javascript code may be executed on a victim's browser. Due to v1.9.26 adding a CSRF check, the XSS is only exploitable against unauthenticated users (as they all share the same nonce) |
| The Custom Popup Builder WordPress plugin before 1.3.1 autoload data from its popup on every pages, as such data can be sent by unauthenticated user, and is not validated in length, this could cause a denial of service on the blog |
| vim is vulnerable to Heap-based Buffer Overflow |
| Improper Validation of Specified Quantity in Input vulnerability in dolibarr dolibarr/dolibarr. |
| radare2 is vulnerable to Out-of-bounds Read |
| vim is vulnerable to Heap-based Buffer Overflow |
| The Visual Form Builder WordPress plugin before 3.0.8 is vulnerable to CSV injection allowing a user with low level or no privileges to inject a command that will be included in the exported CSV file, leading to possible code execution. |
| vim is vulnerable to Out-of-bounds Read |
| An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, and between 14.6.0 and 14.6.1. Gitlab's Slack integration is incorrectly validating user input and allows to craft malicious URLs that are sent to slack. |
| Out of bounds memory access in Blink Serial API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page and virtual serial port driver. |
