422 matches found
Outpatient lobby app has information leakage vulnerability
Outpatient Hall APP is a mobile Internet medical care platform that helps users realize a number of services, such as free consultation before consultation, triage and guidance, and booking and registration. There is an information leakage vulnerability in Outpatient Hall APP. Because the APP use...
The vulnerability of the Android operating system, which allows a hacker to trigger a service failure
The vulnerability of QMI QOS TLVs in the Android operating system arises due to buffer overflow. Exploiting this vulnerability allows a malicious actor to cause service failures by using a specially crafted directory name, specified in the uid parameter associated with the WAR file name contained...
DEBIAN-CVE-2016-6190
SOGo before 2.3.12 and 3.x before 3.1.1 does not restrict access to the UID and DTSTAMP attributes, which allows remote authenticated users to obtain sensitive information about appointments with the "View the Date & Time" restriction, as demonstrated by correlating UIDs and DTSTAMPs between all...
Fast Breakfast App Has Arbitrary User Payment Password Change Vulnerability
Fast Breakfast APP is a mobile service software. There is an arbitrary user payment password modification vulnerability in Fast Breakfast APP. Due to the use of loginStatus and userTel parameters to query the userID of any user, it is possible to modify the payment password of any user...
docker: privilege escalation via confusion of usernames and UIDs
It was found that Docker would launch containers under the specified UID instead of a username. An attacker able to launch a container could use this flaw to escalate their privileges to root within the launched container...
Bumble: Arbitrary modification value "session" (Cookie) in badoo.com
Users who log on through https://m.badoo.com/ receive a session cookie named "session" whose value represents the user identifier. I have found a way to change the value of the cookie, this error can be used to: Leave off the application to a particular user to log on again, the attacker would ha...
docker: privilege escalation via confusion of usernames and UIDs
It was found that Docker would launch containers under the specified UID instead of a username. An attacker able to launch a container could use this flaw to escalate their privileges to root within the launched container...
Brainworks Software XpanceNET /index.php/request_passwordChange SQL Injection Vulnerability
Brainworks Software XpanceNET is a WEB-based application. Brainworks Software XpanceNET /index.php/requestpasswordChange handles a SQL injection vulnerability in the UserID parameter, which allows remote attackers to exploit the vulnerability by submitting a specially crafted SQL query to...
CVE-2015-2082
Cross-site scripting XSS vulnerability in Login.aspx in UNIT4 Prosoft HRMS before 8.14.330.43 allows remote attackers to inject arbitrary web script or HTML via the txtUserID parameter...
DEBIAN-CVE-2014-0012
FileSystemBytecodeCache in Jinja2 2.7.2 does not properly create temporary directories, which allows local users to gain privileges by pre-creating a temporary directory with a user's uid. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1402...
PYSEC-2014-82
FileSystemBytecodeCache in Jinja2 2.7.2 does not properly create temporary directories, which allows local users to gain privileges by pre-creating a temporary directory with a user's uid. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1402...
PT-2011-1253 · Ibm · Ibm Rational Asset Manager
Name of the Vulnerable Software and Affected Versions: IBM Rational Asset Manager versions 7.5 Description: The issue is related to insufficient access control in the processing of the UID parameter, allowing a remote attacker to bypass security restrictions. This could enable an attacker to modi...
DEBIAN-CVE-2006-3082
parse-packet.c in GnuPG gpg 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service gpg crash and possibly overwrite memory via a message packet with a large length long user ID string, which could lead to an integer overflow, as demonstrated using the...
PT-2005-4658 · Ovbb · Ovbb
Name of the Vulnerable Software and Affected Versions: OvBB version 0.08a Description: The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the threadid parameter to "thread.php" and the userid parameter to "profile.php". The vendor has disputed these...
DEBIAN-CVE-2005-3256
The key selection dialogue in Enigmail before 0.92.1 can incorrectly select a key with a user ID that does not have additional information, which allows parties with that key to decrypt the message...
Oracle buffer overflow
Command line buffer overflow allows to obtain oracle uid...
Несанкционированный доступ в PHProject (unauthorized access)
Изменив идентификатор пользователя можно получить доступ к данным другого пользователя...
CVE-1999-0169
NFS allows attackers to read and write any file on the system by specifying a false UID...
CVE-1999-0084
Certain NFS servers allow users to use mknod to gain privileges by creating a writable kmem device and setting the UID to 0...
CVE-1999-0084
Certain NFS servers allow users to use mknod to gain privileges by creating a writable kmem device and setting the UID to 0...