150 matches found
2FAuth 安全漏洞
2FAuth is a web application from Bubka Personal Developers for managing two-factor authentication 2FA accounts and generating their security codes. A security vulnerability exists in 2FAuth version v5.5.0 that stems from a group deletion contention condition that could lead to data inconsistencie...
CVE-2025-45731
A group deletion race condition in 2FAuth v5.5.0 causes data inconsistencies and orphaned accounts when a group is deleted while other operations are pending...
CVE-2025-45731
A group deletion race condition in 2FAuth v5.5.0 causes data inconsistencies and orphaned accounts when a group is deleted while other operations are pending...
CVE-2025-45731
CVE-2025-45731 relates to a group deletion race condition in the 2FAuth v5.5.0 application. The issue arises when a group is deleted while other operations are pending, leading to data inconsistencies and orphaned accounts. The connected documents confirm the affected product and the underlying c...
CVE-2025-45731
A group deletion race condition in 2FAuth v5.5.0 causes data inconsistencies and orphaned accounts when a group is deleted while other operations are pending...
The vulnerability of Websoft HCM’s automation software for HR processes lies in the exposure to information due to inconsistencies, allowing attackers to disclose protected information.
The vulnerability of Websoft HCM’s automation software for HR processes is related to the exposure of information due to inconsistencies. Exploiting this vulnerability allows a malicious actor to disclose the protected information remotely...
The vulnerability of the SCADA system Pult.online, related to inconsistencies in responses to incoming requests, allows a intruder to gain unauthorized access to protected information.
The vulnerability of the SCADA system Pult.online is related to inconsistencies in responses to incoming requests. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information by sending a specially crafted POST request...
The vulnerability of the getObjWGFServiceApiByApiName() function in the security monitoring and management tool Trend Micro Apex Central allows a attacker to execute arbitrary code.
The vulnerability of the getObjWGFServiceApiByApiName function in the monitoring and security management tool Trend Micro Apex Central is related to unpredictable behavior of the function due to inconsistencies in parameter values. Exploiting this vulnerability could allow an attacker operating...
The vulnerability of the modTMCM widget of the security monitoring and management tool Trend Micro Apex Central allows a malicious actor to upload arbitrary files.
The vulnerability of the modTMCM widget in the Trend Micro Apex Central security monitoring and management tool is related to unpredictable behavior of the function due to inconsistencies in parameter values. Exploiting this vulnerability allows an attacker operating remotely to upload arbitrary...
CVE-2022-33744
Arm guests can cause Dom0 DoS via PV devices When mapping pages of guests on Arm, dom0 is using an rbtree to keep track of the foreign mappings. Updating of that rbtree is not always done completely with the related lock held, resulting in a small race window, which can be used by unprivileged...
Threat Actor Selling 1.2 Billion Facebook Records, But Details Don’t Add Up
Threat actor 'ByteBreaker' claims to sell 1.2B Facebook records scraped via API abuse, but inconsistencies in data size and identity raise doubts...
GSDFuse: Capturing Cognitive Inconsistencies from Multi-Dimensional Weak Signals in Social Media Steganalysis
The ubiquity of social media platforms facilitates malicious linguistic steganography, posing significant security risks. Steganalysis is profoundly hindered by the challenge of identifying subtle cognitive inconsistencies arising from textual fragmentation and complex dialogue structures, and th...
VulCPE: Context-Aware Cybersecurity Vulnerability Retrieval and Management
The dynamic landscape of cybersecurity demands precise and scalable solutions for vulnerability management in heterogeneous systems, where configuration-specific vulnerabilities are often misidentified due to inconsistent data in databases like the National Vulnerability Database NVD. Inaccurate...
Mithril snapshots for Cardano database could be compromised by an adversary
Impact Mithril certification of Cardano database The Mithril network provides certification for snapshots of the Cardano database, enabling users to quickly bootstrap a Cardano node without relying on the slower peer-to-peer synchronization process. To generate a multi-signature, a minimum...
The vulnerability of PARTS SOFT’s CMS, related to discrepancies in responses to incoming requests, allows a hacker to uncover the user’s identifier.
The vulnerability of the PARTS SOFT CMS content management system is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability allows an attacker to disclose the user’s identifier by sending a specially crafted GET request...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from mishandling of f2fs quotas, which could lead to data inconsistencies...
CVE-2024-10264 HTTP Request Smuggling in netease-youdao/qanything
HTTP Request Smuggling vulnerability in netease-youdao/qanything version 1.4.1 allows attackers to exploit inconsistencies in the interpretation of HTTP requests between a proxy and a server. This can lead to unauthorized access, bypassing security controls, session hijacking, data leakage, and...
CVE-2025-21860
In the Linux kernel, the following vulnerability has been resolved: mm/zswap: fix inconsistency when zswapstorepage fails Commit b7c0ccdfbafd "mm: zswap: support large folios in zswapstore" skips charging any zswap entries when it failed to zswap the entire folio. However, when some base pages ar...
The vulnerability of the SAP NetWeaver Application Server ABAP software integration platform, related to inconsistencies in responses to incoming requests, allows attackers to gain unauthorized access to protected information.
The vulnerability of the SAP NetWeaver Application Server ABAP software integration platform is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
CVE-2025-1867 HTTP Response Smuggling Vulnerability in libhv
Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in ithewei libhv allows HTTP Response Smuggling.This issue affects libhv: through 1.3.3...