254 matches found
Design/Logic Flaw
Improper control of a resource through its lifetime in some IntelR ThunderboltTM controllers may allow an authenticated user to potentially enable denial of service via local access...
CSME安全漏洞
CSME is known as the Intel Management Engine BIOS Extension. A security vulnerability exists in CSME that stems from insufficient control flow management in the subsystem, which could allow an attacker to escalate privileges via local access. The following products and versions are affected:...
CVE-2021-22336
There is an Improper Control of Generation of Code vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause denial of security services on a rooted device...
GHSA-9534-H433-2RJF Improperly Controlled Modification of Dynamically-Determined Object Attributes in utilitify
utilitify prior to 1.0.3 allows modification of object properties. The merge method could be tricked into adding or modifying properties of the Object.prototype...
Huawei EulerOS: Security Advisory for pcp (EulerOS-SA-2021-1341)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP5 : pcp (EulerOS-SA-2020-2557)
According to the versions of the pcp packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A Improper Control of Generation of Code vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE...
EulerOS 2.0 SP8 : pcp (EulerOS-SA-2020-1873)
According to the versions of the pcp packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A Improper Control of Generation of Code vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE...
CVE-2020-6245
SAP Business Objects Business Intelligence Platform, version 4.2, allows an attacker with access to local instance, to inject file or code that can be executed by the application due to Improper Control of Resource Identifiers...
CVE-2020-5743
Improper Control of Resource Identifiers in TCExam 14.2.2 allows a remote, authenticated attacker to access test metadata for which they don't have permission...
CVE-2020-5743
Improper Control of Resource Identifiers in TCExam 14.2.2 allows a remote, authenticated attacker to access test metadata for which they don't have permission...
The vulnerability of the monitoring panel for Cisco Unified Intelligence Center’s reporting functions allows a perpetrator to compromise the confidentiality and integrity of the protected information.
The vulnerability of the monitoring panel for creating Cisco Unified Intelligence Center reports is related to improper control of resource identifiers. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality and integrity of the protected information by usin...
IBM Security Key Lifecycle Manager: All Security Bulletins
Summary This page lists all the security bulletins that are released for IBM Security Key Lifecycle Manager. Vulnerability Details Security Bulletin: IBM Security Key Lifecycle Manager stores unencrypted password CVE-2016-6092 --- Security Bulletin: IBM Security Key Lifecycle Manager uses Less...
GHSA-JPV3-G4CC-6VFX Improper Control of Generation of Code ('Code Injection') in org.apache.activemq:activemq-client
In Apache ActiveMQ 5.0.0 - 5.15.8, unmarshalling corrupt MQTT frame can lead to broker Out of Memory exception making it unresponsive...
Trend Micro Smart Protection Server Multiple Vulnerabilities
1. Advisory Information Title: Trend Micro Smart Protection Server Multiple Vulnerabilities Advisory ID: CORE-2017-0008 Advisory URL:https://www.coresecurity.com/core-labs/advisories/trend-micro-smart-protection-server-multiple-vulnerabilities Date published: 2017-12-19 Date of last update:...