80 matches found
CVE-2023-4807
Issue summary: The POLY1305 MAC message authentication code implementation contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X8664 processors supporting the AVX512-IFMA instructions. Impact summary: If in an application that uses...
CVE-2023-4807 POLY1305 MAC implementation corrupts XMM registers on Windows
Issue summary: The POLY1305 MAC message authentication code implementation contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X8664 processors supporting the AVX512-IFMA instructions. Impact summary: If in an application that uses...
CVE-2023-4807 POLY1305 MAC implementation corrupts XMM registers on Windows
Issue summary: The POLY1305 MAC message authentication code implementation contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X8664 processors supporting the AVX512-IFMA instructions. Impact summary: If in an application that uses...
CVE-2021-44525
Zoho ManageEngine PAM360 before build 5303 allows attackers to modify a few aspects of application state because of a filter bypass in which authentication is not required...
CVE-2021-44676
Zoho ManageEngine Access Manager Plus before 4203 allows anyone to view a few data elements e.g., access control details and modify a few aspects of the application state...
CVE-2021-44676
Zoho ManageEngine Access Manager Plus before 4203 allows anyone to view a few data elements e.g., access control details and modify a few aspects of the application state...
CVE-2021-44676
CVE-2021-44676 affects Zoho ManageEngine Access Manager Plus prior to 4203. Root cause: lack of effective restrictions on user privileges, enabling unauthenticated access to view some data elements and modify certain application-state aspects. Impact is described as access control bypass with pot...
Zoho ManageEngine Access Manager Plus 授权问题漏洞
ZOHO Zoho ManageEngine Access Manager Plus is a privileged session management solution from ZOHO for enterprises to centralize, secure, and manage remote access to privileged sessions.A security vulnerability exists in versions of Zoho ManageEngine Access Manager Plus prior to 4203. The...
ZOHO ManageEngine Log360 授权问题漏洞
ZOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. The solution helps you mitigate security threats, detect persistent attack attempts, detect suspicious user activity and comply with regulatory? A security vulnerability...
PT-2021-24123 · Zoho · Zoho Manageengine Pam360
Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine PAM360 versions prior to build 5303 Description: The issue allows attackers to modify certain aspects of application state due to a filter bypass that does not require authentication. Recommendations: For versions prior to...
CVE-2021-30696
An attacker in a privileged network position may be able to misrepresent application state. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A logic issue was addressed with improved state management...
CVE-2021-30696
An attacker in a privileged network position may be able to misrepresent application state. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave. A logic issue was addressed with improved state management...
in utmsigep/member-directory
✍️ Description Entering unintended values during the member creation flow causes unusual database state, unhandled exceptions/stack trace disclosure and denial of service due to continuous page crashes. 🕵️♂️ Proof of Concept - Select a member-status/group - Create New Member - Enter an invalid...
CVE-2020-9978
This issue was addressed with improved setting propagation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. An attacker in a privileged network position may be ab...
Design/Logic Flaw
This issue was addressed with improved setting propagation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. An attacker in a privileged network position may be ab...
CVE-2020-9978
CVE-2020-9978 is an Apple macOS/iOS family issue: a memory/setting-propagation flaw that could allow an attacker in a privileged network position to unexpectedly alter application state. Affected products include macOS Big Sur (11.0.1, 11.1), macOS Catalina (Security Update 2020-001), macOS Mojav...
Apple macOS has an unspecified vulnerability
Apple macOS is a specialized operating system developed by Apple for Mac computers. Apple macOS has a security vulnerability that can be exploited by an attacker to change the state of an application...
Apple macOS 安全漏洞
Apple macOS is a specialized operating system developed by Apple for Mac computers. Apple macOS has a security vulnerability that can be exploited by an attacker to change the state of an application...
CVE-2020-9941
This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. A remote attacker may be able to unexpectedly alter application state...
Design/Logic Flaw
This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. A remote attacker may be able to unexpectedly alter application state...