8 matches found
CVE-2025-5987 Libssh: invalid return code for chacha20 poly1305 with openssl backend
A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with th...
CVE-2021-38175
SAP Analysis for Microsoft Office - version 2.8, allows an attacker with high privileges to read sensitive data over the network, and gather or change information in the current system without user interaction. The attack would not lead to an impact on the availability of the system, but there...
PT-2025-20905 · Totolink · Totolink A3002Ru
Name of the Vulnerable Software and Affected Versions: TOTOLINK A3002R version 4.0.0-B20230531.1404 Description: The issue is related to a buffer overflow in the formMapDelDevice interface of the TOTOLINK A3002R router's firmware. This occurs due to the lack of size checking for input data, which...
CVE-2024-4151
An Improper Access Control vulnerability exists in lunary-ai/lunary version 1.2.2, where users can view and update any prompts in any projects due to insufficient access control checks in the handling of PATCH and GET requests for template versions. This vulnerability allows unauthorized users to...
Unspecified Vulnerability in Oracle Hospitality Simphony (CNVD-2019-37393)
Oracle Food and Beverage Applications is a suite of food and beverage sales management solutions from Oracle. Hospitality Simphony is one of the cloud-based hospitality components. A security vulnerability exists in Oracle Hospitality Simphony 2.10. An attacker could exploit the vulnerability to...
CVE-2018-2783
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with...
Oracle Hospitality e7 Unauthorized Operation Vulnerability
Oracle Hospitality Applications is a set of business applications, servers and storage solutions for hotel management from Oracle. The program provides human resources cost management, provide customers with the entire journey of service tracking management to improve customer satisfaction and...
SUSE-SU-2015:1086-4 Security update for IBM Java
java-170-ibm has been updated to version 1.7.0sr7.2 to fix 21 security issues. These security issues have been fixed: Unspecified vulnerability CVE-2014-3065. The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for...