CWE:
 

Topic
Date
Author
Med.
Omnis Studio 10.22.00 Library Unlock
25.07.2023
Matthias Deeg
Low
Verbatim Store N Go Secure Portable HDD GD25LK01-3637-C VER4.0 Behavior Violation
20.06.2022
Matthias Deeg

CVEMAP Search Results

CVE
Details
Description
2024-10-03
Waiting for details
CVE-2024-47762
Updating...
 
 
Backstage is an open framework for building developer portals. Configuration supplied through APP_CONFIG_* environment variables, for example APP_CONFIG_backend_listen_port=7007, where unexpectedly ignoring the visibility defined in configuration schema. This occurred even if the configuration schema specified that they should have backend or secret visibility. This was an intended feature of the APP_CONFIG_* way of supplying configuration, but now clearly goes against the expected behavior of the configuration system. This behavior leads to a risk of potentially exposing sensitive configuration details intended to remain private or restricted to backend processes. The issue has been resolved in version 0.3.75 of the @backstage/plugin-app-backend package. As a temporary measure, avoid supplying secrets using the APP_CONFIG_ configuration pattern. Consider alternative methods for setting secrets, such as the environment substitution available for Backstage configuration.

 
2024-07-20
Waiting for details
CVE-2024-6281
Updating...
 
 
A path traversal vulnerability exists in the `apply_settings` function of parisneo/lollms versions prior to 9.5.1. The `sanitize_path` function does not adequately secure the `discussion_db_name` parameter, allowing attackers to manipulate the path and potentially write to important system folders.

 
2022-10-25
Waiting for details
CVE-2022-3344
Updating...
 
 
A flaw was found in the KVM's AMD nested virtualization (SVM). A malicious L1 guest could purposely fail to intercept the shutdown of a cooperative nested guest (L2), possibly leading to a page fault and kernel panic in the host (L0).

 

 

Copyright 2024, cxsecurity.com

 

Back to Top