136 matches found
CVE-2024-27717
Cross Site Request Forgery vulnerability in Eskooly Free Online School Management Software v.3.0 and before allows a remote attacker to escalate privileges via the Token Handling component...
eSkooly Security Vulnerabilities
eSkooly is a free online school management software from eSkooly, Inc. A security vulnerability exists in eSkooly 3.0 and prior versions that stems from a cross-site request forgery vulnerability that allows remote attackers to elevate privileges via the token handling component...
CVE-2024-27717
CVE-2024-27717 affects Eskooly Free Online School Management Software
CVE-2024-27717
Cross Site Request Forgery vulnerability in Eskooly Free Online School Management Software v.3.0 and before allows a remote attacker to escalate privileges via the Token Handling component...
Updated krb5 packages fix security vulnerabilities
Before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application. CVE-2024-37370 Before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending...
SUSE CVE-2024-37371
In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields...
AZL-42999 CVE-2024-37371 affecting package krb5 for versions less than 1.19.4-3
In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields...
CVE-2024-37371
In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields...
CVE-2024-37371
In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields...
PT-2024-2003 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel ksmbd affected versions not specified Description: The issue is related to the incorrect handling of authentication tokens in the smb2 sess setup function within the Linux kernel's ksmbd server. This can potentially allow an...
kernel: mptcp: use the workqueue to destroy unaccepted sockets
In the Linux kernel, the following vulnerability has been resolved: mptcp: use the workqueue to destroy unaccepted sockets Christoph reported a UaF at token lookup time after having refactored the passive socket initialization part: BUG: KASAN: use-after-free in tokenbucketbusy+0x253/0x260 Read o...
Upgraded Q -> 3 from #619 [1675724566035]
Judge has assessed an item in Issue 619 as 3 risk. The relevant finding follows: The function withdrawRemainingTokens can be changed in a safer way to handle the withdraw from the owner and the protocol fee as well. This prevent risks allocated with the protocol fees. By the docs this function is...
Legitimate token / USD pairs with more than 8 decimals are not handled correctly
Lines of code Vulnerability details Impact The decimals returned by the Chainlink oracles are assumed to be 8 throughout this protocol. However, there are legitimate token / USD pairs that have the corresponding Chainlink oracles to return more than 8 decimals; for example, the AMPL / USD pair's...
PT-2021-22738 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 8.0 and later Description: The issue arises when an admin impersonates a user in GitLab CE/EE, resulting in access tokens not being cleared after the impersonation ends. This may lead to unnecessary sensitive information...
Vault treats all tokens exactly the same that creates (huge) arbitrage opportunities.
Handle jonah1005 Vulnerability details Impact The v3 vault treats all valid tokens exactly the same. Depositing 1M DAI would get the same share as depositing 1M USDT. User can withdraw their share in another token. Though there's withdrawalProtectionFee 0.1 percent, the vault is still a no slippa...
CVE-2021-3352
The Software Development Kit in Mitel MiContact Center Business from 8.0.0.0 through 8.1.4.1 and 9.0.0.0 through 9.3.1.0 could allow an unauthenticated attacker to access view and modify user data without authorization due to improper handling of tokens...
CVE-2021-3352
The Software Development Kit in Mitel MiContact Center Business from 8.0.0.0 through 8.1.4.1 and 9.0.0.0 through 9.3.1.0 could allow an unauthenticated attacker to access view and modify user data without authorization due to improper handling of tokens...
Combodo iTop 跨站请求伪造漏洞
Combodo iTop is a set of open source web applications developed by Combodo France based on ITIL and used for daily operations in IT environments. The application provides event management, configuration management and issue management functions.Combodo iTop versions prior to 2.7.4 are vulnerable ...
CVE-2020-12495
Endress+Hauser Ecograph T Neutral/Private Label RSG35, ORSG35 with Firmware version prior to V2.0.0 is prone to improper privilege management. The affected device has a web-based user interface with a role-based access system. Users with different roles have different write and read privileges. T...
CVE-2020-15269
In Spree before versions 3.7.11, 4.0.4, or 4.1.11, expired user tokens could be used to access Storefront API v2 endpoints. The issue is patched in versions 3.7.11, 4.0.4 and 4.1.11. A workaround without upgrading is described in the linked advisory...