14 matches found
CVE-2019-11991
HPE has identified a vulnerability in HPE 3PAR Service Processor SP version 4.1 through 4.4. HPE 3PAR Service Processor SP version 4.1 through 4.4 has a remote information disclosure vulnerability which can allow for the disruption of the confidentiality, integrity and availability of the Service...
CVE-2021-45104
An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1. An attacker who can capture HTCondor network data can interfere with users' jobs and data...
K000149858: Apache Tomcat vulnerability CVE-2024-52318
Security Advisory Description Incorrect object recycling and reuse vulnerability in Apache Tomcat. This issue affects Apache Tomcat: 11.0.0, 10.1.31, 9.0.96. Users are recommended to upgrade to version 11.0.1, 10.1.32 or 9.0.97, which fixes the issue. CVE-2024-52318 Impact This vulnerability may...
CVE-2024-5712
A Cross-Site Request Forgery CSRF vulnerability was identified in the stitionai/devika application, affecting the latest version. This vulnerability allows attackers to perform unauthorized actions in the context of a victim's browser, such as deleting projects or changing application settings,...
CVE-2024-5712 CSRF Vulnerability in stitionai/devika
A Cross-Site Request Forgery CSRF vulnerability was identified in the stitionai/devika application, affecting the latest version. This vulnerability allows attackers to perform unauthorized actions in the context of a victim's browser, such as deleting projects or changing application settings,...
PT-2023-6787 · Google +2 · Google Chrome +2
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 114.0.5735.90 Description: The issue is related to a use after free in the PDF component, which could allow a remote attacker to potentially exploit heap corruption via a crafted PDF file. This could lead to...
The vulnerability of the init() method in the Zabbix monitoring system allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the init method in the Zabbix monitoring system is related to the manipulation of inter-site requests. Exploiting this vulnerability allows a malicious actor to gain access to confidential data, compromise its integrity, and cause service failures...
PT-2021-8093 · Samba +8 · Samba +8
Name of the Vulnerable Software and Affected Versions: Samba affected versions not specified Description: The issue is related to errors in synchronization when using a shared resource due to incorrect metadata handling. This allows an authenticated attacker with permissions to read or modify sha...
The vulnerability of VNC implementations with extensions for optimizing operations under slow data transmission channels, such as Tightvnc, allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of VNC implementations with extensions for optimizing operations under slow data transmission channels, such as Tightvnc, is related to the execution of operations within the allowable buffer size limits. Exploiting this vulnerability can allow a remote attacker to gain access t...
Linux kernel 代码注入漏洞
The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A memory access conflict vulnerability exists in Linux kernel versions prior to 5.10. An attacker could exploit this...
The vulnerability of the .charkeys procedure in the PostScript/PDF Ghostscript interpreter allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service interruptions.
The vulnerability of the .charkeys procedure in the PostScript/PDF Ghostscript interpreter is related to a security protection flaw that allows scripts to bypass the "-dSAFER" restriction. Exploiting this vulnerability can enable an attacker operating remotely to gain access to confidential data,...
The vulnerability of Google Chrome, related to insufficient validation of input data, allows a perpetrator to gain access to confidential information, compromise its integrity, and cause service failures.
The vulnerability of Google Chrome is related to the insufficient implementation of policies regarding extensions. Exploiting this vulnerability allows a malicious actor to gain access to confidential data, compromise its integrity, and cause service interruptions...
PT-2018-3620 · Gnu +7 · Gnu Binutils +7
Name of the Vulnerable Software and Affected Versions: GNU Binutils version 2.30 Description: The issue allows attackers to cause a denial of service or possibly have other impacts, as demonstrated by an out-of-bounds write of 8 bytes during the execution of objdump. This can occur due to a...
CVE-2016-0542
The CVE-2016-0542 entry concerns Oracle E-Business Suite's Field Service Map component. Connected records indicate an unspecified vulnerability in the Oracle Field Service component that could allow remote attackers to affect integrity via unknown vectors. The documents provide product and compon...