24 matches found
Wrong calculation on _collectRentAction
Handle adelamo Vulnerability details Impact The method collectRentAction contains the following code: ... else if !foreclosed && limitHit && marketLocked // CASE 4 // didn't foreclose AND // did hit time limit AND // did lock market // THEN refund rent between the earliest event and now if...
UBUNTU-CVE-2020-28493
This affects the package jinja2 from 0.0.0 and before 2.11.3. The ReDoS vulnerability is mainly due to the punctuationre regex operator and its use of multiple wildcards. The last wildcard is the most exploitable as it searches for trailing punctuation. This issue can be mitigated by Markdown to...
Investors concerned about smartphone addiction; Apple responds with new webpage
Hot on the heels of an open letter from investors urging Apple to do more to protect children from smartphone addiction, the tech giant has recently dedicated a page on their website to families. The "Families" page, which can be accessed at apple.com/families, contains tools parents can use to s...
Buffer overflow
The varexport function in PHP 5.2 before 5.2.14 and 5.3 before 5.3.3 flushes the output buffer to the user when certain fatal errors occur, even if displayerrors is off, which allows remote attackers to obtain sensitive information by causing the application to exceed limits for memory, execution...