Chluo1997

#7984of 53,635
34.4Total CVSS
Vulnerabilities · 5
Medium
3
High
2
PT-2022-22633
6.1
2022-08-18
Unknown · Ecommerce-Codeigniter-Bootstrap · CVE-2022-35213
**Name of the Vulnerable Software and Affected Versions** Ecommerce-CodeIgniter-Bootstrap versions before commit 56465f **Description** A cross-site scripting (XSS) issue was found in the function base url() at the /blog/blogpublish.php endpoint. This allows for potential exploitation. **Recommendations** For versions before commit 56465f, update to a version that includes commit 56465f or later to resolve the issue. As a temporary workaround, consider restricting access to the /blog/blogpublish.php endpoint until the update is applied.
PT-2022-23768
7.8
2022-08-18
Tcpreplay · Tcpreplay · CVE-2022-37047
**Name of the Vulnerable Software and Affected Versions** Tcpreplay version 4.4.1 **Description** A heap-based buffer overflow was discovered in the `tcprewrite` component of Tcpreplay, specifically in the `get ipv6 next` function at `common/get.c:713`. **Recommendations** For Tcpreplay version 4.4.1, consider applying a patch or fix to address the heap-based buffer overflow issue in the `tcprewrite` component. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-24058
7.5
2022-08-18
Libjpeg · Libjpeg · CVE-2022-37768
**Name of the Vulnerable Software and Affected Versions** libjpeg (affected versions not specified) **Description** The issue is related to an infinite loop in the Frame::ParseTrailer component. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-24059
6.5
2022-08-18
Libjpeg · Libjpeg · CVE-2022-37769
**Name of the Vulnerable Software and Affected Versions** libjpeg (affected versions not specified) **Description** The issue allows attackers to cause a Denial of Service (DoS) via a crafted file, exploiting a segmentation fault in the HuffmanDecoder::Get function at huffmandecoder.hpp. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-24060
6.5
2022-08-18
Libjpeg · Libjpeg · CVE-2022-37770
**Name of the Vulnerable Software and Affected Versions** libjpeg version 281daa9 **Description** The issue allows attackers to cause a Denial of Service (DoS) via a crafted file, exploiting a segmentation fault in the LineMerger::GetNextLowpassLine function at linemerger.cpp. **Recommendations** For version 281daa9, consider avoiding the use of crafted files that may trigger the segmentation fault in the LineMerger::GetNextLowpassLine function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.