SputnikVM, also called evm, is a Rust implementation of Ethereum Virtual Machine. Tinyproxy commit 84f203f and earlier use uninitialized buffers in process_request() function. Potential leak of left-over heap data if custom error page templates containing special non-standard variables are used. In JetBrains TeamCity before 2022.04.4 environmental variables of "password" type could be logged when using custom Perforce executable OpenCart 3.x Newsletter Custom Popup was discovered to contain a SQL injection vulnerability via the email parameter at index.php?route=extension/module/so_newletter_custom_popup/newsletter. As a result, the user may become a victim of a phishing attack. Improper authorization in handler for custom URL scheme vulnerability in Lemon8 App for Android versions prior to 3.3.5 and Lemon8 App for iOS versions prior to 3.3.5 allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App.
Jenkins Custom Checkbox Parameter Plugin 1.4 and earlier does not escape the name and description of Custom Checkbox Parameter parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
0 kommentar(er)
