CVE-2022-29358
epub2txt2 v2.04 was discovered to contain an integer overflow via the function bug in _parse_special_tag at sxmlc.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted XML file.
Source: CVE-2022-29358
[월:] 2022년 05월
CVE-2022-29349
CVE-2022-29349
kkFileView v4.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the url parameter at /controller/OnlinePreviewController.java.
Source: CVE-2022-29349
CVE-2022-29337
CVE-2022-29337
C-DATA FD702XW-X-R430 v2.1.13_X001 was discovered to contain a command injection vulnerability via the va_cmd parameter in formlanipv6. This vulnerability allows attackers to execute arbitrary commands via a crafted HTTP request.
Source: CVE-2022-29337
CVE-2022-22497
CVE-2022-22497
IBM Aspera Faspex 4.4.1 and 5.0.0 could allow unauthorized access due to an incorrectly computed security token. IBM X-Force ID: 226951.
Source: CVE-2022-22497
CVE-2022-29334
CVE-2022-29334
An issue in H v1.0 allows attackers to bypass authentication via a session replay attack.
Source: CVE-2022-29334
CVE-2022-29333
CVE-2022-29333
A vulnerability in CyberLink Power Director v14 allows attackers to escalate privileges via a crafted .exe file.
Source: CVE-2022-29333
CVE-2021-42612
CVE-2021-42612
A use after free in cleanup_index in index.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document.
Source: CVE-2021-42612
CVE-2021-42614
CVE-2021-42614
A use after free in info_width_internal in bk_info.c in Halibut 1.2 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted text document.
Source: CVE-2021-42614
CVE-2021-3597
CVE-2021-3597
A flaw was found in undertow. The HTTP2SourceChannel fails to write the final frame under some circumstances, resulting in a denial of service. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.35.SP1, prior to 2.2.6.SP1, prior to 2.2.7.SP1, prior to 2.0.36.SP1, prior to 2.2.9.Final and prior to 2.0.39.Final.
Source: CVE-2021-3597
CVE-2021-3629
CVE-2021-3629
A flaw was found in Undertow. A potential security issue in flow control handling by the browser over http/2 may potentially cause overhead or a denial of service in the server. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.40.Final and prior to 2.2.11.Final.
Source: CVE-2021-3629