13 matches found
EUVD-2023-53991
Malicious code in bioql PyPI...
EUVD-2023-53989
Malicious code in bioql PyPI...
Unauthorized Access and Control in Proxy Contract
Lines of code Vulnerability details Summary: The code contains a bug that can lead to unauthorized access and control over the contract. This bug allows any caller, even those who are not the owner or address0, to bypass the intended access control mechanisms and execute arbitrary code on the...
CVE-2023-2665
Storage of Sensitive Data in a Mechanism without Access Control in GitHub repository francoisjacquet/rosariosis prior to 11.0...
Update now! Zyxel patches critical firewall bypass vulnerability
In a security advisory Zyxel has urged customers to update because a security flaw can lead to the circumvention of firewall protection in several Zyxel products. Zyxel is a Taiwanese producer of modems and other networking equipment and its products are sold in over 150 countries. The...
Enforced Owner Can Extract Funds From The Contract
Lines of code Vulnerability details Impact During the code review, It has been observed that access control mechanisms are checked with the following line. LibDiamond.enforceIsContractOwner; The withdraw gaves abilitiy to contract owner extract all funds are sent to contract. This poses...
Cisco Firepower Management Center Software Policy (cisco-sa-fmc-iac-pZDMQ4wC)
A vulnerability in an access control mechanism of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to access services beyond the scope of their authorization. This vulnerability is due to insufficient enforcement of access control in the affected...
Lutron Quantum BACnet Integration Devices Information Disclosure Vulnerability
Lutron Quantum BACnet Integration device is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only C...
Samsung Smart TV Wi-Fi Direction Improper Authentication Vulnerability
Exploit for hardware platform in category remote exploits Samsung Smart TV Wi-Fi Direct Improper Authentication -------------------------------------------------------------------------------- 1. Advisory Information Title: Samsung Smart TV Wi-Fi Direct Improper Authentication Advisory ID:...
CVE-2016-9111
Incorrect access control mechanisms in Citrix Receiver Desktop Lock 4.5 allow an attacker to bypass the authentication requirement by leveraging physical access to a VDI for temporary disconnection of a LAN cable. NOTE: as of 20161208, the vendor could not reproduce the issue, stating "the...
F5 Networks BIG-IP : NTP vulnerability (K16393)
Some kernels do not offer protection for ::1 source addresses on IPv6 interfaces. Since NTP's access control mechanism is based on source address and localhost addresses generally have no restrictions, an attacker may be able to send malicious control and configuration packets by spoofing ::1...
Sun Java Plug-in Sandbox Security Bypass (CVE-2004-1029)
The Sun Java plug-in is a component of the Java 2 Runtime Environment. Sun's Java plug-in technology creates a connection between a Web browser and the Java platform. This connection enables Java applets, served from a Web site, to be run within a Web browser in a restricted environment, known as...
poprelayd & sendmail Arbitrary Mail Relay
Nessus has detected that the remote SMTP server allows relaying for users which were identified by 'POP before SMTP'. The access control mechanism is based on the POP server logs. However, it is possible to poison these logs, which means that any spammer could be using your mail server to send...