163 matches found
DEBIAN-CVE-2023-52774
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: protect device queue against concurrent access In dasdprofilestart the amount of requests on the device queue are counted. The access to the device queue is unprotected against concurrent access. With a lot of parallel...
CVE-2023-52774
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: protect device queue against concurrent access In dasdprofilestart the amount of requests on the device queue are counted. The access to the device queue is unprotected against concurrent access. With a lot of parallel...
CVE-2023-52774
CVE-2023-52774 : In the Linux kernel (s390/dasd), the device queue could be accessed concurrently in dasd_profile_start(), allowing the queue to change while it is being read; this could trigger a kernel panic due to invalid pointer accesses when I/O is highly parallel (aliases). The root cause i...
SUSE CVE-2022-44730
Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. A malicious SVG can probe user profile / data and send it directly as parameter to a URL...
batik: Server-Side Request Forgery vulnerability
A flaw was found in Apache Batik, where a malicious SVG can probe user profile data and send it directly as parameter to a URL. This issue can allow an attacker to conduct SSRF attacks...
Server side request forgery (ssrf)
Server-Side Request Forgery SSRF vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. A malicious SVG can probe user profile / data and send it directly as parameter to a URL...
CVE-2023-23299
The permission system implemented and enforced by the GarminOS TVM component in CIQ API version 1.0.0 through 4.1.7 can be bypassed entirely. A malicious application with specially crafted code and data sections could access restricted CIQ modules, call their functions and disclose sensitive data...
CVE-2023-23299
The permission system implemented and enforced by the GarminOS TVM component in CIQ API version 1.0.0 through 4.1.7 can be bypassed entirely. A malicious application with specially crafted code and data sections could access restricted CIQ modules, call their functions and disclose sensitive data...
SUSE CVE-2015-7186
Mozilla Firefox before 42.0 on Android allows user-assisted remote attackers to bypass the Same Origin Policy and trigger 1 a download or 2 cached profile-data reading via a file: URL in a saved HTML document...
HackerOne: [CVE-2022-44268] Arbitrary Remote Leak via ImageMagick
A Local File Inclusion vulnerability was discovered in an outdated version of ImageMagick used for image resizing on a website. An attacker could exploit this vulnerability by uploading a malicious PNG image, which would include the local file as content of the resized image in a hexadecimal...
CVE-2022-40287 Stored cross-site scripting in PHP Point of Sale version 19.0, by PHP Point of Sale, LLC via user profile data fields.
The application was found to be vulnerable to an authenticated Stored Cross-Site Scripting XSS vulnerability in messaging functionality, leading to privilege escalation or a compromise of a targeted account...
CVE-2022-36454
A vulnerability in the MiCollab Client API of Mitel MiCollab through 9.5.0.101 could allow an authenticated attacker to modify their profile parameters due to improper authorization controls. A successful exploit could allow the authenticated attacker to impersonate another user's name...
PT-2022-23378 · Mitel · Mitel Micollab
Name of the Vulnerable Software and Affected Versions: Mitel MiCollab versions through 9.5.0.101 Description: A vulnerability in the MiCollab Client API could allow an authenticated attacker to modify their profile parameters due to improper authorization controls. This could allow the attacker t...
PT-2022-23717 · Ivanti · Ivanti Avalanche
Name of the Vulnerable Software and Affected Versions: Ivanti Avalanche version 6.3.2.3490 Description: This issue allows remote attackers to bypass authentication on affected installations. Although authentication is required to exploit this issue, the existing authentication mechanism can be...
Unescaped control characters in Gitblit
Gitblit 1.9.2 allows privilege escalation via the Config User Service: a control character can be placed in a profile data field, such as an emailAddress%3Atext '[email protected]\n\trole = "admin"' value...
CVE-2022-31267
Gitblit 1.9.2 allows privilege escalation via the Config User Service: a control character can be placed in a profile data field, such as an emailAddress%3Atext '[email protected]\n\trole = "admin"' value...
UBUNTU-CVE-2022-0456
Use after free in Web Search in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via profile destruction...
Parallels Remote Application Server 安全漏洞
Parallels Remote Application Server RAS is an application delivery and VDI Virtual Desktop Infrastructure solution from Parallels, Inc. A security vulnerability exists in Parallels Remote Application Server RAS that originated from a vulnerability that allows a local attacker to retrieve certain...
Bagisto 1.3.3 - Client-Side Template Injection Vulnerability
Exploit Title: Bagisto 1.3.3 - Client-Side Template Injection Exploit Author: Mohamed Abdellatif Jaber Vendor Homepage: https://bagisto.com/en/ Software Link: https://github.com/bagisto/bagisto Version: v1.3.3 Tested on: windows | chrome | firefox Exploit :. 1- register an account and login your...
DRUPAL-CONTRIB-2021-032
This module provides a system for building an ecommerce solution in their Drupal site. The module doesn't sufficiently verify access to profile data in certain circumstances. This vulnerability is mitigated by the fact that an attacker must have permission to perform the checkout operation...