73 matches found
CVE-2023-34158
Vulnerability of spoofing trustlists of Huawei desktop.Successful exploitation of this vulnerability can cause third-party apps to hide app icons on the desktop to prevent them from being uninstalled...
OPC UA Legacy Java Stack 资源管理错误漏洞
The OPC UA Legacy Java Stack is a legacy support for the Java version of OPC UA from the OPC Foundation of America. A security vulnerability exists in versions of the OPC UA Legacy Java Stack prior to 6f176f2, which stems from an attacker's ability to block an OPC UA server application through...
systemd: deadlock in systemd-coredump via a crash with a long backtrace
A flaw was found in the systemd-coredump utility of systemd. When an application crashes, the systemd-coredump utility is called twice, once by the kernel and the second time in the [email protected] to write the data, process, and save the core file. Communication between the programs is...
CVE-2022-43572 Indexing blockage via malformed data sent through S2S or HEC protocols in Splunk Enterprise
In Splunk Enterprise versions below 8.2.9, 8.1.12, and 9.0.2, sending a malformed file through the Splunk-to-Splunk S2S or HTTP Event Collector HEC protocols to an indexer results in a blockage or denial-of-service preventing further indexing...
CVE-2022-28761
Zoom On-Premise Meeting Connector MMR before version 4.8.20220916.131 contains an improper access control vulnerability. As a result, a malicious actor in a meeting or webinar they are authorized to join could prevent participants from receiving audio and video causing meeting disruptions...
CVE-2022-35251
A cross-site scripting vulnerability exists in Rocket.chat v5 due to style injection in the complete chat window, an adversary is able to manipulate not only the style of it, but will also be able to block functionality as well as hijacking the content of targeted users. Hence the payloads are...
PT-2022-20317 · 3S Smart Software Solutions · Codesys V3
Name of the Vulnerable Software and Affected Versions: CODESYS V3 affected versions not specified Description: An uncontrolled resource consumption issue in the CmpChannelServer of CODESYS V3 allows an unauthorized attacker to block new communication channel connections. Existing connections are...
Bad use of safeApprove
Lines of code Vulnerability details Impact Function deposit in booster could revert when stake option is true if the contract has an allowance of the token for rewarcontract 0. The same in many contracts but in VE3DRewardPool.sol a user can get his rewards blocked. Proof of Concept If the contrac...
GeniXCMS denial of service (account blockage)
GeniXCMS before 1.1.0 allows remote attackers to cause a denial of service account blockage by leveraging the mishandling of certain username substring relationships, such as the admin username versus the admin username, related to register.php, User.class.php, and Type.class.php...
HCL BigFix Platform 跨站请求伪造漏洞
HCL Technologies HCL BigFix Platform is a suite of endpoint security management platform from HCL Technologies, India. The platform supports automated discovery, management and remediation of endpoint security issues. HCL Technologies HCL BigFix Platform suffers from a security vulnerability that...
CVE-2021-40171
The absence of notifications regarding an ongoing RF jamming attack in the SecuritasHome home alarm system, version HPGW-G 0.0.2.23F BGU-ITR-F1-BDBL.A30.20181117, allows an attacker to block legitimate traffic while not alerting the owner of the system...
SAP NetWeaver AS ABAP Denial of Service Vulnerability (CNVD-2021-29099)
SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A denial of service vulnerability exists in SAP NetWeaver AS ABAP versions 731, 740, and 750. The vulnerability...
SAP NetWeaver AS ABAP Business Server 安全漏洞
SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A denial of service vulnerability exists in SAP NetWeaver AS ABAP versions 731, 740, and 750. The vulnerability...
CVE-2016-20006
The REST/JSON project 7.x-1.x for Drupal allows blockage of user logins, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy...
CVE-2016-20006
The CVE concerns the REST/JSON project 7.x-1.x for Drupal, where SA-CONTRIB-2016-033 allows blocking of user logins. Connected sources corroborate that this entry relates to blocking logins within the Drupal REST/JSON 7.x-1.x module; no root-cause or technical exploit details are provided in the ...
EulerOS Virtualization 3.0.2.2 : libvirt (EulerOS-SA-2020-2209)
According to the versions of the libvirt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - qemu/qemudriver.c in libvirt before 6.0.0 mishandles the holding of a monitor job during a query to a guest agent, which allows...
PT-2020-18447 · Dell · Dell Xps 13 9370 Bios
Name of the Vulnerable Software and Affected Versions: Dell XPS 13 9370 BIOS versions prior to 1.13.1 Description: The issue is related to improper exception handling. A local attacker with physical access could exploit this to prevent the system from booting until the exploited boot device is...
Denial Of Service (DoS)
libvirt.so is vulnerable to denial of service DoS. qemu/qemudriver.c mishandles the holding of a monitor job during a query to a guest agent, which allows attackers to cause a denial of service API blockage...
CVE-2019-20485
qemu/qemudriver.c in libvirt before 6.0.0 mishandles the holding of a monitor job during a query to a guest agent, which allows attackers to cause a denial of service API blockage...
CVE-2019-20485
qemu/qemudriver.c in libvirt before 6.0.0 mishandles the holding of a monitor job during a query to a guest agent, which allows attackers to cause a denial of service API blockage...