144 matches found
Denial Of Service (DOS)
libzephyr.so is vulnerable to Denial Of Service DOS. The vulnerability is caused by the leadvertisingreport function in /subsys/bluetooth/controller/hci/hci.c because an advertising packet is not processed properly when copying data. The root cause of the issue are integer overflow while storing ...
An integrated incident response solution with Microsoft and PwC
Today Microsoft Incident Response is excited to announce a new collaboration with PwC to expand our joint incident response and recovery capability. In this global alliance, Microsoft begins the initial containment and investigation, bringing a deep understanding of a company’s infrastructure to...
An integrated incident response solution with Microsoft and PwC
Today Microsoft Incident Response is excited to announce a new collaboration with PwC to expand our joint incident response and recovery capability. In this global alliance, Microsoft begins the initial containment and investigation, bringing a deep understanding of a company’s infrastructure to...
Collateralization ratio manipulation can cause a denial of service
Lines of code Vulnerability details Impact Stablecoin redeeming and profit accruing in the SavingsVest contract can be blocked when the collateralization ratio has overflown. Proof of Concept The mitigation recommended in 31 and implemented by the sponsor in this commit doesn't resolve the root...
Exploit for Command Injection in Vmware Aria_Operations_For_Networks
CVE-2023-20887 POC for CVE-2023-20887 VMWare Aria Operations f...
notation-go's verification bypass can cause users to verify the wrong artifact
Impact An attacker who controls or compromises a registry can lead a user to verify the wrong artifact. Patches The problem has been fixed in the release v1.0.0-rc.6. Users should upgrade their notation-go library to v1.0.0-rc.6 or above. Workarounds User should use secure and trusted container...
GHSA-RVRX-RRWH-R9P6 Notation's default `maxSignatureAttempts` in `notation verify` enables an endless data attack
Impact An attacker who controls or compromises a registry can make the registry serve an infinite number of signatures for the artifact, causing a denial of service to the host machine running notation verify. Patches The problem has been fixed in the release v1.0.0-rc.6. Users should upgrade the...
Post Action Report: Bad Firewall Rule Released to WPEngine Customers Wednesday
On Wednesday afternoon a small percentage of WPEngine websites using a paid version of Wordfence experienced a 500 Internal Server Error or white screen on their sites due to an erroneous firewall rule that we released. If you have experienced this issue, please check your email which contains...
How to troubleshoot PVS target device domain trust issue
Since both Citrix and Microsoft and 3rd party software can initiate changing password, sometimes the TD may lose domain trust. Reset machine password from PVS console can solve the issue, but sometimes we need to find out the root cause if too many TDs lose domain trust. This article aims to give...
Exploit for Untrusted Pointer Dereference in Microsoft
It is an exploit module targeting Apache HTTP Server. The target...
Virtuozzo Hybrid Server 7.5 Update 4 (7.5.4-465)
Virtuozzo Hybrid Server 7.5 Update 4 introduces new features and provides stability and usability bug fixes. It also introduces a new kernel 3.10.0-1160.80.1.vz7.191.4. Vulnerability id: PSBM-142718 Node IP was not set when changing 'vnclisten' in '/etc/libvirt/qemu.conf.' Vulnerability id:...
GHSA-GMHJ-XJFH-CF6M Caddy-SSH vulnerable to Authorization Bypass due to incorrect usage of PAM library
Not invoking a call to pamacctmgmt after a call to pamauthenticate to check the validity of a login can lead to an authorization bypass. Impact Exploitability The attack can be carried over the network. A complex non-standard configuration or a specialized condition is required for the attack to ...
Caddy-SSH vulnerable to Authorization Bypass due to incorrect usage of PAM library
Not invoking a call to pamacctmgmt after a call to pamauthenticate to check the validity of a login can lead to an authorization bypass. Impact Exploitability The attack can be carried over the network. A complex non-standard configuration or a specialized condition is required for the attack to ...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-2225)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[PNM-002] The expiry of the parent node can be smaller than the one of a child node, violating the guarantee policy
Lines of code Vulnerability details Description By design, the child node's expiry can only be extended up to the parent's current one. Adding these restrictions means that the ENS users only have to look at the name itself's fuses and expiry without traversing the hierarchy to understand what...
FirmWire -b Full-System Baseband Firmware Emulation Platform For Fuzzing, Debugging, And Root-Cause Analysis Of Smartphone Baseband Firmwares
FirmWire is a full-system baseband firmware analysis platform that supports Samsung and MediaTek. It enables fuzzing, root-cause analysis, and debugging of baseband firmware images. See theFirmWire documentation to get started! Experiments & Missing Parts? Upon a vendor's request, the current...
The vulnerability of the Solution Manager Diagnostics (Root Cause Analysis) tool within the SAP Solution Manager software platform allows a perpetrator to enhance their privileges.
The vulnerability of the Solution Manager Diagnostics Root Cause Analysis tool within the SAP Solution Manager software platform is related to lack of access control mechanisms. Exploiting this vulnerability could allow an attacker to increase their privileges remotely...
[WP-H4] anchor_basset_reward pending yields can be stolen
Lines of code Vulnerability details For yield farming aggregators, if the pending yield on an underlying strategy can be harvested and cause a surge of rewards to all existing investors, especially if the harvest can be triggered permissionlessly. Then the attacker can amplify the attack using a...
CVE-2022-22544
SAP Solution Manager 720’s Diagnostics Root Cause Analysis Tool suffers from insufficient access control, enabling an administrator to execute code on all connected Diagnostics Agents and browse their files. This could allow an attacker with admin privileges to control managed systems, leading to...
CVE-2022-22544
Solution Manager Diagnostics Root Cause Analysis Tools - version 720, allows an administrator to execute code on all connected Diagnostics Agents and browse files on their systems. An attacker could thereby control the managed systems. It is considered that this is a missing segregation of duty f...