5836 matches found
No data validation, will result in all funds from the DAO contract stolen
Lines of code / Vulnerability details / Impact: The vulnerability relies on the proposal creation function, which forwards the proposal once accepted for the DAO contract to execute. Each proposal has a set of actions attached. struct Action { address to; uint256 value; bytes data; } function createProposa...
CVE-2023-0622
Cscape Envision RV version 4.60 is vulnerable to an out-of-bounds write vulnerability when parsing project (i.e. HMI) files. The product lacks proper validation of user-supplied data, which could result in writes past the end of allocated data structures. An attacker could leverage these...
Out-of-bounds
Cscape Envision RV version 4.60 is vulnerable to an out-of-bounds write vulnerability when parsing project (i.e. HMI) files. The product lacks proper validation of user-supplied data, which could result in writes past the end of allocated data structures. An attacker could leverage these...
Out-of-bounds
Cscape Envision RV version 4.60 is vulnerable to an out-of-bounds write vulnerability when parsing project (i.e. HMI) files. The product lacks proper validation of user-supplied data, which could result in writes past the end of allocated data structures. An attacker could leverage these...
CVE-2023-0621
CVE-2023-0621 affects Horner Automation Horner/Cscape Envision RV v4.60. The vulnerability is an out-of-bounds read when parsing project (HMI) files, caused by insufficient validation of user-supplied data, potentially enabling arbitrary code execution in the current process. Mitigation: vendor n...
CVE-2023-0623
CVE-2023-0623 affects Cscape Envision RV v4.60 (Horner Automation). The vulnerability is an out-of-bounds write when parsing project (HMI) files, due to improper validation of user-supplied data, enabling arbitrary code execution in the affected process. Public sources in the connected documents ...
CVE-2023-0623
Cscape Envision RV version 4.60 is vulnerable to an out-of-bounds write vulnerability when parsing project (i.e. HMI) files. The product lacks proper validation of user-supplied data, which could result in writes past the end of allocated data structures. An attacker could leverage these...
PT-2023-4147 · Google +2 · Google Chrome +2
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 111.0.5563.64 Description: The issue is related to insufficient data validation in DevTools, allowing a remote attacker to bypass navigation restrictions via a crafted HTML page. This is considered a low-severi...
Google Chrome Security Vulnerability
Google Chrome is a web browser from Google, Inc. in the United States. A security vulnerability exists in versions of Google Chrome prior to 107.0.5304.62 that stems from insufficient validation of data...
The vulnerability of the Adobe Photoshop graphic editor lies in insufficient validation of input data, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Photoshop graphic editor is related to insufficient verification of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
Zerocoin libzerocoin Data Forgery Vulnerability
libzerocoin is an open source C++ library for Zerocoin. It implements the core cryptographic routines of the Zerocoin protocol. A data forgery vulnerability exists in Zerocoin libzerocoin, which stems from insufficient validation of the authenticity of data...
JTEKT Kostac PLC Programming Software Buffer Error Vulnerability
JTEKT Kostac PLC Programming Software is a PLC programmer software for personal computers from JTEKT Japan. A security vulnerability exists in JTEKT Kostac PLC Programming Software version 1.6.9.0 and prior versions, which originates from an out-of-bounds read due to an inability to validate data...
The vulnerability of BIOS firmware in Dell laptops, related to insufficient validation of input data, allows a hacker to execute arbitrary code.
The vulnerability of BIOS firmware in Dell laptops is related to insufficient verification of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
LibTIFF Buffer Error Vulnerability
LibTIFF is a library for reading and writing TIFF Tagged Image File Format files. LibTIFF version 4.4.0 contains an out-of-bounds read vulnerability, which stems from the lack of proper validation of user-supplied data and is exploited by attackers to cause a denial of service via specially craft...
Siemens Tecnomatix Plant Simulation SPP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...
Siemens Tecnomatix Plant Simulation SPP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...
Siemens Tecnomatix Plant Simulation SPP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...
Siemens Tecnomatix Plant Simulation SPP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...
Siemens Tecnomatix Plant Simulation SPP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...
Siemens Tecnomatix Plant Simulation SPP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...