| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Vite is a frontend tooling framework for javascript. Vite exposes content of non-allowed files using ?inline&import or ?raw?import. Only apps explicitly exposing the Vite dev server to the network (using --host or server.host config option) are affected. This vulnerability is fixed in 6.2.4, 6.1.3, 6.0.13, 5.4.16, and 4.5.11. |
| When run on commands with certain arguments set, explain may fail to validate these arguments before using them. This can lead to crashes in router servers. This affects MongoDB Server v5.0 prior to 5.0.31, MongoDB Server v6.0 prior to 6.0.20, MongoDB Server v7.0 prior to 7.0.16 and MongoDB Server v8.0 prior to 8.0.4 |
| A MongoDB server under specific conditions running on Linux with TLS and CRL revocation status checking enabled, fails to check the revocation status of the intermediate certificates in the peer's certificate chain. In cases of MONGODB-X509, which is not enabled by default, this may lead to improper authentication. This issue may also affect intra-cluster authentication. This issue affects MongoDB Server v5.0 versions prior to 5.0.31, MongoDB Server v6.0 versions prior to 6.0.20, MongoDB Server v7.0 versions prior to 7.0.16 and MongoDB Server v8.0 versions prior to 8.0.4.
Required Configuration : MongoDB Server must be running on Linux Operating Systems and CRL revocation status checking must be enabled |
| Memory corruption while handling invalid inputs in application info setup. |
| Transient DOS while processing power control requests with invalid antenna or stream values. |
| Memory corruption while encoding the image data. |
| Transient DOS while handling command data during power control processing. |
| Transient DOS while parsing the EPTM test control message to get the test pattern. |
| Memory corruption due to global buffer overflow when a test command uses an invalid payload type. |
| Memory corruption due to double free when multiple threads race to set the timestamp store. |
| Memory corruption while handling repeated memory unmap requests from guest VM. |
| Memory corruption while processing data sent by FE driver. |
| Memory corruption while processing message in guest VM. |
| Memory corruption while processing config_dev IOCTL when camera kernel driver drops its reference to CPU buffers. |
| Information disclosure when Video engine escape input data is less than expected minimum size. |
| Memory corruption while selecting the PLMN from SOR failed list. |
| Information disclosure while running video usecase having rogue firmware. |
| memory corruption while loading a PIL authenticated VM, when authenticated VM image is loaded without maintaining cache coherency. |
| information disclosure while invoking calibration data from user space to update firmware size. |
| Information disclosure while decoding this RTP packet headers received by UE from the network when the padding bit is set. |
