Froxlor vulnerable to business logic errors
Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.22...
CVE-2023-4304
Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.22, 2.1.0...
Code injection
Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.22, 2.1.0...
CVE-2023-4304
CVE-2023-4304 concerns Froxlor (froxlor/froxlor) with business logic errors in versions prior to 2.0.22 and 2.1.0. Connected documents identify the affected software as Froxlor and describe the issue as a logic/design flaw in the application rather than a low-level vulnerability in a library. Mit...
CVE-2023-4304 Business Logic Errors in froxlor/froxlor
Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.22, 2.1.0...
CVE-2023-4304 Business Logic Errors in froxlor/froxlor
Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.22, 2.1.0...
CVE-2023-4304 Business Logic Errors in froxlor/froxlor
Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.22, 2.1.0...
Business Logic Errors
github.com/answerdev/answer is vulnerable to Business Logic Errors. The vulnerability exists due to a lack of server-side logic for account deletion, which allows an authenticated attacker to delete the administrator account...
Business Logic Errors
github.com/answerdev/answer is vulnerable to Business Logic Errors. The vulnerability exists in the UpdateUserPassword function in userbackyard.go because the password restrictions are not properly set, which allows an attacker to lock victims out of their account...
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-2563)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-2514)
The remote host is missing an update for the Huawei EulerOS...
EulerOS Virtualization 3.0.6.6 : libxml2 (EulerOS-SA-2023-2412)
According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option...
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-2412)
The remote host is missing an update for the Huawei EulerOS...
CVE-2023-3484 Incorrect Authorization in GitLab
An issue has been discovered in GitLab EE affecting all versions starting from 12.8 before 15.11.11, all versions starting from 16.0 before 16.0.7, all versions starting from 16.1 before 16.1.2. An attacker could change the name or path of a public top-level group in certain situations...
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-2386)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-2316)
The remote host is missing an update for the Huawei EulerOS...
ROS-20230616-04
A vulnerability in the Libxml2 library is related to a NULL pointer dereference error in xmlSchemaFixupComplexType. Exploitation of the vulnerability could allow a remote attacker to transmit specially crafted data to an application and perform a denial of service attack. The Libxml2 librar...
GHSA-28VP-39RF-3Q2J Magento Open Source has Business Logic Errors Vulnerability
Adobe Commerce versions 2.4.6 and earlier, 2.4.5-p2 and earlier and 2.4.4-p3 and earlier are affected by a Business Logic Errors vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass a minor functionality. Exploitation ...
Magento Open Source has Business Logic Errors Vulnerability
Adobe Commerce versions 2.4.6 and earlier, 2.4.5-p2 and earlier and 2.4.4-p3 and earlier are affected by a Business Logic Errors vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass a minor functionality. Exploitation ...
CVE-2023-29294
Adobe Commerce versions 2.4.6 and earlier, 2.4.5-p2 and earlier and 2.4.4-p3 and earlier are affected by a Business Logic Errors vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass a minor functionality. Exploitation ...