16 matches found
EUVD-2023-12290
Malicious code in bioql PyPI...
Absolute Secure Access Security Vulnerability
Absolute Secure Access is an application from Absolute, Inc. to provide Secure Service Edge SSE optimized for hybrid and mobile working models. A security vulnerability exists in versions prior to Absolute Secure Access 13.06. An attacker exploited the vulnerability resulting in a significant...
The vulnerability of the net_alloc_generic() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the netallocgeneric function in the net/core/netnamespace.c module of the Linux kernel relates to access to memory beyond the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protect...
Microsoft Edge 安全漏洞
Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. A security feature bypass vulnerability exists in Microsoft Edge Chromium-based, which can be exploited by attackers to bypass security features and compromise integrity...
CVE-2023-1178
An issue has been discovered in GitLab CE/EE affecting all versions from 8.6 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. File integrity may be compromised when source code or installation packages are pulled from a tag or from a...
The vulnerability of the path.c component in the Git method implementation in the Libgit2 C language allows a perpetrator to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of the path.c component in the Git method implementation in the C language using Libgit2 involves the use of a name with an incorrect reference. Exploiting this vulnerability allows an attacker who operates remotely to access confidential data, compromise its integrity, and caus...
Security Updates for Microsoft Publisher Products (May 2022)
The Microsoft Publisher Products are missing a security update. It is, therefore, affected by the following vulnerability: - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of...
CVE-2020-6917
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software...
The vulnerability of the WebAudio component in the Google Chrome web browser, related to memory usage after it is freed, allows attackers to access confidential data, compromise its integrity, and cause service interruptions.
The vulnerability of the WebAudio component in the Google Chrome web browser relates to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to access confidential data, compromise its integrity, and cause service interruptions through a specially created...
The vulnerability of the calloc() function in the Klibc environment library, related to integer overflow, allows attackers to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of the calloc function in the Klibc environment library is related to integer overflow. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and even cause service failures...
Vulnerabilities of Cisco IOS XE operating systems, which allow attackers to compromise the confidentiality and integrity of protected information
The vulnerability of Cisco IOS XE operating systems is related to deficiencies in security mechanisms. Exploiting this vulnerability can allow attackers to compromise the confidentiality and integrity of the protected information...
The vulnerability in the implementation of the WebUSB protocol of Google Chrome, related to the use of memory after it is freed, allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the WebUSB protocol implementation in Google Chrome browser is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service failures...
The vulnerability of Google Chrome browser extensions, related to deficiencies in access control for certain functions, allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of Google Chrome browsers is related to the improper application of policies. Exploiting this vulnerability can allow a remote attacker to access confidential data, compromise its integrity, and cause service interruptions...
The vulnerability of the OpenOffice office suite is related to errors in applying Visual Basic for Applications (VBA) macros for security settings. This allows attackers to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of the OpenOffice office suite is related to errors in applying macros’ security settings in Visual Basic for Applications VBA. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service failures...
The vulnerability of the detection mechanism of Cisco Email Security Appliance (ESA) allows attackers to bypass the configured content filters and compromise the integrity of the protected information.
The vulnerability of the detection mechanism of Cisco Email Security Appliance’s email security system is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to bypass the configured content filters and compromise the integrity of the protected...
Symantec Endpoint Protection 12.1 - Tamper-Protection Bypass
Credits: John Page a.k.a hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/CVE-2017-6331-SYMANTEC-ENDPOINT-PROTECTION-TAMPER-PROTECTION-BYPASS.txt + ISR: ApparitionSec Vendor: ======= www.symantec.com Product: =========== Symantec Endpoint...