281 matches found
Design/Logic Flaw
In FreeRDP before version 2.1.2, there is an integer casting vulnerability in update_recv_secondary_order. All clients with +glyph-cache /relax-order-checks are affected. This is fixed in version 2.1.2...
CVE-2020-4032
In FreeRDP before version 2.1.2, there is an integer casting vulnerability in update_recv_secondary_order. All clients with +glyph-cache /relax-order-checks are affected. This is fixed in version 2.1.2...
CVE-2020-4032 Integer casting vulnerability in `update_recv_secondary_order` in FreeRDP
In FreeRDP before version 2.1.2, there is an integer casting vulnerability in update_recv_secondary_order. All clients with +glyph-cache /relax-order-checks are affected. This is fixed in version 2.1.2...
CVE-2020-4032
CVE-2020-4032 affects FreeRDP prior to 2.1.2, where an integer casting vulnerability occurs in update_recv_secondary_order. All clients with +glyph-cache or /relax-order-checks are affected. The issue is fixed in version 2.1.2. The connected sources consistently describe this as a vulnerability i...
CVE-2020-4032
In FreeRDP before version 2.1.2, there is an integer casting vulnerability in update_recv_secondary_order. All clients with +glyph-cache /relax-order-checks are affected. This is fixed in version 2.1.2...
CVE-2020-4032
In FreeRDP before version 2.1.2, there is an integer casting vulnerability in update_recv_secondary_order. All clients with +glyph-cache /relax-order-checks are affected. This is fixed in version 2.1.2...
The vulnerability of the typecasting function in Google Chrome’s JavaScript browser allows a perpetrator to gain unauthorized access to confidential data, cause service failures, and compromise data integrity.
The vulnerability of the typecasting function in Google Chrome’s JavaScript browser is related to access to resources through incompatible data types. Exploiting this vulnerability can allow an attacker to gain unauthorized access to confidential data, cause service failures, and compromise data...
[20200306] - Core - SQL injection in Featured Articles menu parameters
The lack of type casting of a variable in SQL statement leads to a SQL injection vulnerability in the "Featured Articles" frontend menutype...
Out-of-bounds
In DeepCopy of btif_av.cc, there is a possible out of bounds read due to improper casting. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9...
CVE-2019-2227
CVE-2019-2227 affects Android devices via a DeepCopy bug in btif_av.cc that can trigger an out-of-bounds read, enabling remote information disclosure over Bluetooth without user interaction. The entry covers Android 9 and 10, with impact described as information disclosure (confidentiality) and a...
DLL Hijacking Vulnerability in LePlay Screen Casting pc Client Software
LePlay Screen Casting for PC is smart computer screen casting software. The LePlay screen casting PC client software has a DLL hijacking vulnerability; attackers can use the vulnerability in the client process to inject an executable DLL file, to perform arbitrary...
CVE-2012-6124
A casting error in Chicken before 4.8.0 on 64-bit platform caused the random number generator to return a constant value. NOTE: the vendor states "This function wasn't used for security purposes and is advertised as being unsuitable."...
DEBIAN-CVE-2012-6124
A casting error in Chicken before 4.8.0 on 64-bit platform caused the random number generator to return a constant value. NOTE: the vendor states "This function wasn't used for security purposes and is advertised as being unsuitable."...
CVE-2012-6124
A casting error in Chicken before 4.8.0 on 64-bit platform caused the random number generator to return a constant value. NOTE: the vendor states "This function wasn't used for security purposes and is advertised as being unsuitable."...
Code injection
A casting error in Chicken before 4.8.0 on 64-bit platform caused the random number generator to return a constant value. NOTE: the vendor states "This function wasn't used for security purposes and is advertised as being unsuitable."...
CVE-2012-6124
CVE-2012-6124 concerns Chicken before 4.8.0 on 64‑bit platforms, where a casting error in the random number generator causes it to return a constant value. The vendor notes that this function isn’t used for security purposes. Connected sources (PT-2019-6812/6811) indicate the fix is to upgrade to...
CVE-2012-6124
A casting error in Chicken before 4.8.0 on 64-bit platform caused the random number generator to return a constant value. NOTE: the vendor states "This function wasn't used for security purposes and is advertised as being unsuitable."...
CVE-2012-6124
A casting error in Chicken before 4.8.0 on 64-bit platform caused the random number generator to return a constant value. NOTE: the vendor states "This function wasn't used for security purposes and is advertised as being unsuitable."...
Security testing guide for JSON / REST APIs #1/3
Fuzzing is everything; it’s the most useful and productive hacking technique for sure. At the same time, fuzzing is not just randomly hitting applications or binaries with some random bytes. It’s more about ideas, a deep understanding of data formats and application flows, technology stacks, and ...
CVE-2019-9403
In cn-cbor, there is a possible out of bounds read due to improper casting. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-113512324...