PT-2024-6647 · Su +4 · Su +4

Name of the Vulnerable Software and Affected Versions: Authd PAM module versions prior to 0.3.5 Description: The issue is related to errors in privilege management, allowing a remote attacker to gain access to another user's account by executing commands such as su, sudo, or ssh and modifying the...

Drupal Two-factor Authentication (TFA) module < 1.8.0 - Unauthenticated Broken Access Control vulnerability

Unauthenticated Broken Access Control vulnerability discovered by Francesco Placella in WordPress Module Two-factor Authentication TFA versions 1.8.0...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is a distributed operating system developed independently by Huawei Technologies Co. Huawei EMUI is Huawei's emotional operating system based on Android. Huawei HarmonyOS/EMUI suffers from an access privilege authentication vulnerability, which originates from an access privilege...

PT-2024-31633 · Unknown · Wms Module

Name of the Vulnerable Software and Affected Versions: WMS module affected versions not specified Description: The issue is related to an access permission verification vulnerability in the WMS module. Successful exploitation of this vulnerability may affect service confidentiality...

The vulnerability of the ngx_http_v4_module in NGINX Plus and NGINX OSS web servers, related to reading data from outside of memory, allows attackers to cause service interruptions.

The vulnerability of the ngxhttpv4module in NGINX Plus and NGINX OSS web servers is related to reading data from outside of the memory boundaries. Exploiting this vulnerability can allow attackers to cause service failures...

Moderate: python3.11 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

AlienVault Authenticated SQL Injection Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "AlienVault Authenticated SQL Injection Arbitrary File Read", 'Description' = %q AlienVault 4.5.0 is susceptible to an authenticated SQL injection...

webcrack 安全漏洞

webcrack is a tool for reverse engineering javascript by the individual developer j4k0xb. A security vulnerability exists in webcrack that originates from an arbitrary file write vulnerability in the webcrack module when processing specially crafted malicious code on Windows systems...

CVE-2024-42035

Permission control vulnerability in the App Multiplier module Impact:Successful exploitation of this vulnerability may affect functionality and confidentiality...

Huawei EMUI和Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scene distributed operating system based on a microkernel.Huawei EMUI is an emotional operating system developed by Huawei based on Android Android. Huawei HarmonyOS and EMUI are vulnerable to an access...

Dell iDRAC Service Module 缓冲区错误漏洞

The Dell iDRAC Service Module is a lightweight software module from Dell USA designed to run on Dell PowerEdge servers to enhance the functionality of iDRAC Integrated Dell Remote Access Controller. An out-of-bounds write vulnerability exists in Dell iDRAC Service Module 5.3.0.0 and earlier...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from an inconsistency between the data length and count during a write operation in the nfc/nci module, where...

The vulnerability of the Logger Module in the Dell Software Repository Manager allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Logger Module in the Dell Repository Manager exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to information...

CVE-2024-36682

In the module "Theme settings" pkthemesettings = 1.8.8 from Promokit.eu for PrestaShop, a guest can download all email collected while SHOP is in maintenance mode. Due to a lack of permissions control, a guest can access the txt file which collect email when maintenance is enable which can lead t...

USN-6826-1 libapache-mod-jk vulnerability

Karl von Randow discovered that modjk was vulnerable to an authentication bypass. If the configuration did not provide explicit mounts for all possible proxied requests, an attacker could possibly use this vulnerability to bypass security constraints configured in httpd...

The vulnerability of the VsApiNT module of the ApexOne Security Agent software in anti-virus programs from Trend Micro’s Apex One, and Apex One as a Service, allows attackers to gain unauthorized access to protected information.

The vulnerability of the VsApiNT module in the ApexOne Security Agent software of Trend Micro’s Apex One antivirus solutions is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected...

The vulnerability of the HTTP/3 QUIC module (ngx_http_v3_module) in NGINX Plus and NGINX OSS web servers allows a attacker to cause a service failure.

The vulnerability of the HTTP/3 QUIC module ngxhttpv3module in NGINX Plus and NGINX OSS relates to the assignment of the zero pointer. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by sending specially crafted HTTP/3 requests...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from a vulnerability in the s390/cio module...

Huawei HarmonyOS and EMUI Memory Module Out-of-Bounds Access Vulnerability

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel.Huawei EMUI is a user interface developed by Huawei based on the Android operating system. An out-of-bounds access vulnerability exists in the...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a resource leak in the mmc:sdio module...