| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| ansi-regex is vulnerable to Inefficient Regular Expression Complexity |
| A path traversal vulnerability on Pardus Software Center's "extractArchive" function could allow anyone on the same network to do a man-in-the-middle and write files on the system. |
| object-path is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') |
| taro is vulnerable to Inefficient Regular Expression Complexity |
| nth-check is vulnerable to Inefficient Regular Expression Complexity |
| A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest threat from this vulnerability is to system availability. |
| prism is vulnerable to Inefficient Regular Expression Complexity |
| A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak content from files owned by privileged users to unprivileged ones under the right condition. |
| grav-plugin-admin is vulnerable to Improper Restriction of Rendered UI Layers or Frames |
| A flaw was found in openCryptoki. The openCryptoki Soft token does not check if an EC key is valid when an EC key is created via C_CreateObject, nor when C_DeriveKey is used with ECDH public data. This may allow a malicious user to extract the private key by performing an invalid curve attack. |
| hestiacp is vulnerable to Use of Wrong Operator in String Comparison |
| vim is vulnerable to Use After Free |
| semver-regex is vulnerable to Inefficient Regular Expression Complexity |
| An improper access control vulnerability was reported in some Motorola-branded Binatone Hubble Cameras which could allow an unauthenticated attacker on the same network as the device to access administrative pages that could result in information disclosure or device firmware update with verified firmware. |
| Some device communications in some Motorola-branded Binatone Hubble Cameras with backend Hubble services are not encrypted which could lead to the communication channel being accessible by an attacker. |
| An information disclosure vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an unauthenticated attacker on the same subnet to download an encrypted log file containing sensitive information such as WiFi SSID and password. |
| A buffer overflow was reported in the local web server of some Motorola-branded Binatone Hubble Cameras that could allow an unauthenticated attacker on the same network to perform a denial-of-service attack against the device. |
| An information disclosure vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker with physical access to obtain the encryption key used to decrypt firmware update packages. |
| An exposed debug interface was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker with physical access unauthorized access to the device. |
| A vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker with local access to obtain the MQTT credentials that could result in unauthorized access to backend Hubble services. |
