PT-2023-32931 · Unknown · 7-Card Fakabao
Name of the Vulnerable Software and Affected Versions: 7-card Fakabao versions 1.0 build20230805 and earlier Description: A critical issue was found in the member/notify.php file, where the manipulation of the out_trade_no argument leads to SQL injection. The exploit has been disclosed to the...
zagalet.com Improper Access Control vulnerability OBB-3815856
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
PT-2023-8642 · Atlassian · Jira
Name of the Vulnerable Software and Affected Versions: S/Notify versions prior to 4.0.2 for Jira Description: An issue was discovered that allows the configuration settings of S/Notify to be modified via a CSRF attack while an administrative user is logged on. This could be initiated by the...
beamish-hall.co.uk Cross Site Scripting vulnerability OBB-3783903
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
SUSE CVE-2023-38710
An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALID_SPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies outgoing packets...
SUSE CVE-2023-38712
An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state...
libreswan: Invalid IKEv1 repeat IKE SA delete causes crash and restart
A NULL pointer dereference vulnerability was found in the Libreswan package. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the...
openbiblio.de Improper Access Control vulnerability OBB-3772575
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2023-40130
In notifyTimeout of CallRedirectionProcessor, there is a possible permission bypass due to a logic error in the code. This could lead to local escalation of privilege and background activity launch with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-44846
An issue in SeaCMS v.12.8 allows an attacker to execute arbitrary code via the admin notify.php component...
SeaCMS Security Vulnerability
SeaCMS is a free and open source web content management system written in PHP. The system is primarily designed to manage video-on-demand resources. A security vulnerability exists in SeaCMS version v.12.8, which stems from a vulnerability that allows attackers to execute arbitrary code via the...
PT-2023-29307 · Seacms · Seacms
Name of the Vulnerable Software and Affected Versions: SeaCMS version 12.8 Description: An issue in the software allows an attacker to execute arbitrary code via the admin notify.php component. Recommendations: For SeaCMS version 12.8, at the moment, there is no information about a newer version...
CVE-2023-24853
Memory Corruption in HLOS while registering for key provisioning notify...
Memory corruption
Memory Corruption in HLOS while registering for key provisioning notify...
CVE-2023-24853
CVE-2023-24853 describes memory corruption in the HLOS when registering for a key provisioning notify. Documents across NVD/Red Hat/PRION/Vuln enrichment consistently reference this memory-corruption issue in HLOS, with Qualcomm-linked sources noting a Qualcomm/Android context. No concrete affect...
CVE-2023-24853 Improper Input Validation in HLOS
Memory Corruption in HLOS while registering for key provisioning notify...
PT-2023-19828 · Qualcomm · Snapdragon +96
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to memory corruption in HLOS when registering for key provisioning notify. No additional details are provided about the estimated...
PT-2023-8795 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a memory leak in the drm_bridge_get_edid function of the Linux kernel's meson component. This leak occurs on the ->hpd_notify callback. The EDID returned by drm...