8 matches found
Astra Linux - vulnerability in libx11
A vulnerability was discovered in libX11. The security flaw arises because the functions in src/InitExt.c of libX11 do not check whether the values provided for the Request, Event, or Error IDs are within the bounds of the arrays to which those functions refer, by using those IDs as array indices...
CVE-2008-3891
The SAML Single Sign-On (SSO) Service for Google Apps allows remote service providers to impersonate users at arbitrary service providers via vectors related to authentication responses that lack a request identifier and recipient field...
PT-2025-2798 · Unknown · Compop.Ca Online Mall
Name of the Vulnerable Software and Affected Versions: compop.ca ONLINE MALL version 3.5.3 Description: An issue in compop.ca ONLINE MALL allows a remote attacker to execute arbitrary code via the rid, tid, et, and ts parameters. Recommendations: For compop.ca ONLINE MALL version 3.5.3, consider...
The vulnerability of the OAuth 2.0 authorization mechanism for Pushed Authorization Requests in the software tool for managing identity verification and access in Keycloak allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the OAuth 2.0 Pushed Authorization Request mechanism in the software for managing identity verification and access involves the storage of sensitive data in an open format within a cookie file called KCRESTART. Exploiting this vulnerability could allow an attacker to gain...
libX11: InitExt.c can overwrite unintended portions of the Display structure if the extension request leads to a buffer overflow
A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array indexes. They trust...
Exploit for SQL Injection in Code-Projects Blood_Bank
CVE-2023-46021-Code-Projects-Blood-Bank-1.0-OOB-SQL-Injection-...
The vulnerability of the `ksmbd_verify_smb_message()` function in the `fs/smb/server/smb_common.c` file of the KSMBD file system of the Linux operating system allows an attacker to access protected information or cause service failures.
The vulnerability of the `ksmbd_verify_smb_message()` function in the `fs/smb/server/smb_common.c` file of the KSMBD file system in the Linux operating system is related to the lack of control over the request identifier. Exploiting this vulnerability could allow a remote attacker to access protected...
UBUNTU-CVE-2023-3138
A vulnerability was found in libX11. The security flaw occurs because the functions in src/InitExt.c in libX11 do not check that the values provided for the Request, Event, or Error IDs are within the bounds of the arrays that those functions write to, using those IDs as array indexes. They trust...