Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arrow vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-47248
Deserialization of untrusted data in IPC and Parquet readers in PyArrow versions 0.14.0 to 14.0.0 allows arbitrary code execution. An application is vulnerable if it reads Arrow IPC, Feather or Parquet data from untrusted sources (for example user-supplied input files). This vuln...
Apache Pyarrow
3 Github repositories
NA
CVE-2024-32001
SpiceDB is a graph database purpose-built for storing and evaluating access control data. Use of a relation of the form: `relation folder: folder | folder#parent` with an arrow such as `folder->view` can cause LookupSubjects to only return the subjects found under subjects for...
5.5
CVSSv3
CVE-2019-19797
read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write.
Xfig Project Fig2dev 3.2.7
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 9.0
NA
CVE-2024-1276
The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Content Ticker arrow attribute in all versions up to, and including, 5.9.8 due to insufficient i...
7.2
CVSSv3
CVE-2023-34448
Grav is a flat-file content management system. Prior to version 1.7.42, the patch for CVE-2022-2073, a server-side template injection vulnerability in Grav leveraging the default `filter()` function, did not block other built-in functions exposed by Twig's Core Extension tha...
Getgrav Grav
9.8
CVSSv3
CVE-2022-23614
Twig is an open source template language for PHP. When in a sandbox mode, the `arrow` parameter of the `sort` filter must be a closure to avoid attackers being able to run arbitrary PHP functions. In affected versions this constraint was not properly enforced and could lead to co...
Symfony Twig
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 11.0
2 Github repositories
8.6
CVSSv3
CVE-2023-20243
A vulnerability in the RADIUS message processing feature of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote malicious user to cause the affected system to stop processing RADIUS packets. This vulnerability is due to improper handling of certain RADIUS ...
Cisco Identity Services Engine 3.1
Cisco Identity Services Engine 3.2
NA
CVE-2017_5715
First of all This repository is based on the findings of these 3 repositories: https://github.com/peter-nebe/optee_os/tree/master, https://github.com/jefg89/optee-rpi4/tree/main and most notably https://github.com/joaopeixoto13/OPTEE-RPI4. The idea of this repository is to work a...
1 Github repository
NA
CVE-2018_3639
First of all This repository is based on the findings of these 3 repositories: https://github.com/peter-nebe/optee_os/tree/master, https://github.com/jefg89/optee-rpi4/tree/main and most notably https://github.com/joaopeixoto13/OPTEE-RPI4. The idea of this repository is to work a...
1 Github repository
NA
CVE-2022_23960
First of all This repository is based on the findings of these 3 repositories: https://github.com/peter-nebe/optee_os/tree/master, https://github.com/jefg89/optee-rpi4/tree/main and most notably https://github.com/joaopeixoto13/OPTEE-RPI4. The idea of this repository is to work a...
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2