Incorrect Permission Assignment For Critical Resource

github.com/git-ecosystem/git-credential-manager/ is vulnerable to Incorrect Permission Assignment For Critical Resource. The vulnerability is due to improper file ownership settings where Debian package does not set root ownership on installed files. This allows user 1001 on a multi-user system t...

The vulnerability of the WLAvalancheService component in the Avalanche mobile device management system allows a hacker to trigger a service failure.

The vulnerability of the WLAvalancheService component in the mobile device management system of Avalanche is related to pointer assignment errors. Exploiting this vulnerability could allow a remote attacker to cause service failures...

Mozilla: Potential use-after-free due to AlignedBuffer self-move

The Mozilla Foundation Security Advisory describes this flaw as: If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free...

Mozilla: Potential use-after-free due to AlignedBuffer self-move

The Mozilla Foundation Security Advisory describes this flaw as: If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free...

Mozilla: Potential use-after-free due to AlignedBuffer self-move

The Mozilla Foundation Security Advisory describes this flaw as: If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free...

Mozilla: Potential use-after-free due to AlignedBuffer self-move

The Mozilla Foundation Security Advisory describes this flaw as: If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free...

Mozilla Firefox Code Execution Vulnerability (CNVD-2024-36731)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a code execution vulnerability that stems from the MarkStack assignment operator, which is part of the JavaScript engine and can access uninitialized memory if used for...

Security Bulletin: IBM Spectrum Symphony with spring-security-config is vulnerable to Incorrect Permission Assignment for Critical Resource

Summary IBM Spectrum Symphony with spring-security-config is vulnerable to Incorrect Permission Assignment for Critical Resource Vulnerability Details CVEID:CVE-2023-34042 DESCRIPTION: VMware Tanzu Spring Security could allow a local authenticated attacker to bypass security restrictions, caused ...

Security Bulletin: IBM Spectrum Conductor with spring-security-config is vulnerable to Incorrect Permission Assignment for Critical Resource

Summary IBM Spectrum Conductor with spring-security-config is vulnerable to Incorrect Permission Assignment for Critical Resource Vulnerability Details CVEID:CVE-2023-34042 DESCRIPTION: VMware Tanzu Spring Security could allow a local authenticated attacker to bypass security restrictions, caused...

CVE-2024-3862

The MarkStack assignment operator, part of the JavaScript engine, could access uninitialized memory if it were used in a self-assignment. This vulnerability affects Firefox 125...

DEBIAN-CVE-2024-3861

If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free. This vulnerability affects Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10...

CVE-2024-3862

The MarkStack assignment operator, part of the JavaScript engine, could access uninitialized memory if it were used in a self-assignment. This vulnerability affects Firefox 125...

CVE-2024-3861

If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free. This vulnerability affects Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10...

CVE-2024-3862

The vulnerability CVE-2024-3862 affects Mozilla Firefox and is caused by the MarkStack assignment operator in the JavaScript engine, which could access uninitialized memory if used in a self‑assignment. Affected products are Firefox versions older than 125. The practical impact is memory access r...

CVE-2024-3862

The MarkStack assignment operator, part of the JavaScript engine, could access uninitialized memory if it were used in a self-assignment. This vulnerability affects Firefox 125...

CVE-2024-3862

The MarkStack assignment operator, part of the JavaScript engine, could access uninitialized memory if it were used in a self-assignment. This vulnerability affects Firefox 125...

CVE-2024-0404

A mass assignment vulnerability exists in the /api/invite/:code endpoint of the mintplex-labs/anything-llm repository, allowing unauthorized creation of high-privileged accounts. By intercepting and modifying the HTTP request during the account creation process via an invitation link, an attacker...

CVE-2024-0404

A mass assignment vulnerability exists in the /api/invite/:code endpoint of the mintplex-labs/anything-llm repository, allowing unauthorized creation of high-privileged accounts. By intercepting and modifying the HTTP request during the account creation process via an invitation link, an attacker...

CVE-2024-0404 Mass Assignment Vulnerability in mintplex-labs/anything-llm

A mass assignment vulnerability exists in the /api/invite/:code endpoint of the mintplex-labs/anything-llm repository, allowing unauthorized creation of high-privileged accounts. By intercepting and modifying the HTTP request during the account creation process via an invitation link, an attacker...

CVE-2024-0404 Mass Assignment Vulnerability in mintplex-labs/anything-llm

A mass assignment vulnerability exists in the /api/invite/:code endpoint of the mintplex-labs/anything-llm repository, allowing unauthorized creation of high-privileged accounts. By intercepting and modifying the HTTP request during the account creation process via an invitation link, an attacker...