Vulnerabilities (CVE)

Filtered by vendor Dart Subscribe

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-22568	1 Dart	1 Dart Software Development Kit	2021-12-14	6.0 MEDIUM	8.8 HIGH
When using the dart pub publish command to publish a package to a third-party package server, the request would be authenticated with an oauth2 access_token that is valid for publishing on pub.dev. Using these obtained credentials, an attacker can impersonate the user on pub.dev. We recommend upgrading past https://github.com/dart-lang/sdk/commit/d787e78d21e12ec1ef712d229940b1172aafcdf8 or beyond version 2.15.0
CVE-2012-5389	1 Dart	1 Powertcp Webserver For Activex	2020-01-28	5.0 MEDIUM	7.5 HIGH
NULL Pointer Dereference in PowerTCP WebServer for ActiveX 1.9.2 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted HTTP request.