CVE-2021-23520
The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) via the ZipFile::uncompressEntry function in juce_ZipFile.cpp. This vulnerability is…
Devamını oku
Kategori: NIST-Güvenlik Açıkları
CVE-2021-23521
This affects the package juce-framework/JUCE before 6.1.5. This vulnerability is triggered when a malicious archive is crafted with an entry containing a symbolic link. When…
CVE-2021-23520 (juce)
The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) via the ZipFile::uncompressEntry function in juce_ZipFile.cpp. This vulnerability is…
CVE-2021-27971
Alps Alpine Touchpad Driver 10.3201.101.215 is vulnerable to DLL Injection. Devamını Oku
CVE-2021-34805
An issue was discovered in FAUST iServer before 9.0.019.019.7. For each URL request, it accesses the corresponding .fau file on the operating system without preventing…
CVE-2021-27971 (touchpad_driver)
Alps Alpine Touchpad Driver 10.3201.101.215 is vulnerable to DLL Injection. Devamını Oku
CVE-2021-34805 (faust_iserver)
An issue was discovered in FAUST iServer before 9.0.019.019.7. For each URL request, it accesses the corresponding .fau file on the operating system without preventing…
CVE-2021-23484
The package zip-local before 0.3.5 are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) which can lead to an extraction of a crafted…
CVE-2021-23558
The package bmoor before 0.10.1 are vulnerable to Prototype Pollution due to missing sanitization in set function. **Note:** This vulnerability derives from an incomplete fix…
CVE-2021-23760
The package keyget from 0.0.0 are vulnerable to Prototype Pollution via the methods set, push, and at which could allow an attacker to cause a…