165 matches found
CVE-2022-1955
Session 1.13.0 allows an attacker with physical access to the victim's device to bypass the application's password/pin lock to access user data. This is possible due to lack of adequate security controls to prevent dynamic code manipulation...
CVE-2022-1955
Session 1.13.0 allows an attacker with physical access to the victim's device to bypass the application's password/pin lock to access user data. This is possible due to lack of adequate security controls to prevent dynamic code manipulation...
Authentication flaw
Session 1.13.0 allows an attacker with physical access to the victim's device to bypass the application's password/pin lock to access user data. This is possible due to lack of adequate security controls to prevent dynamic code manipulation...
CVE-2022-1955
CVE-2022-1955 affects the Session app (version 1.13.0). The root cause described across sources is a lack of adequate security controls to prevent dynamic code manipulation, enabling an attacker with physical access to bypass the password/pin lock and access user data. Public details in the docum...
Cross site request forgery (csrf)
A vulnerability was found in Global Content Blocks Plugin 2.1.5. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely...
Design/Logic Flaw
A vulnerability classified as critical was found in Hindu Matrimonial Script. This vulnerability affects unknown code of the file /admin/communitymanagement.php. The manipulation leads to improper privilege management. The attack can be initiated remotely. The exploit has been disclosed to the...
CVE-2017-20061 Elefant CMS extended Reflected cross site scriting
A vulnerability has been found in Elefant CMS 1.3.12-RC and classified as problematic. This vulnerability affects unknown code of the file /admin/extended. The manipulation of the argument name with the input %3Cimg%20src=no%20onerror=alert1%3E leads to basic cross site scripting Reflected. The...
Design/Logic Flaw
A vulnerability classified as problematic was found in Python 2.7.13. This vulnerability affects unknown code of the component pgAdmin4. The manipulation leads to uncontrolled search path. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...
CVE-2022-1716
Keep My Notes v1.80.147 allows an attacker with physical access to the victim's device to bypass the application's password/pin lock to access user data. This is possible due to lack of adequate security controls to prevent dynamic code manipulation...
CVE-2022-1716
Keep My Notes v1.80.147 allows an attacker with physical access to the victim's device to bypass the application's password/pin lock to access user data. This is possible due to lack of adequate security controls to prevent dynamic code manipulation...
Authentication flaw
Keep My Notes v1.80.147 allows an attacker with physical access to the victim's device to bypass the application's password/pin lock to access user data. This is possible due to lack of adequate security controls to prevent dynamic code manipulation...
PT-2022-14068 · Unknown · Keep My Notes
Name of the Vulnerable Software and Affected Versions: Keep My Notes version 1.80.147 Description: The issue allows an attacker with physical access to the victim's device to bypass the application's password/pin lock, accessing user data due to inadequate security controls that fail to prevent...
KiteTech Keep My Notes 安全漏洞
KiteTech Keep My Notes is a simple, efficient and very easy to use notepad from KiteTech. A security vulnerability exists in KiteTech Keep My Notes version 1.80.147, which stems from a lack of sufficient security controls to prevent dynamic code manipulation. An attacker can exploit the...
CVE-2022-1161 ICSA-22-090-05 Rockwell Automation Logix Controllers
An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Studio 5000 Logix Designer writes user-readable program code to a separate location than the executed compiled code, allowing an attacker to chang...
Inflate collateral token and partial bypass minting fee by directly transferring to _strategyController
Lines of code Vulnerability details Impact This bug enables partial bypass of fee while minting Collateral tokens through Collateral.deposit. Attackers can also utilize this bug to inflate prices of Collateral tokens, creating "unfair advantages" for early minters of Collateral tokens. Proof of...
Improper Input Validation in Xerces
A flaw was found in Wildfly's implementation of Xerces, specifically in the way the XMLSchemaValidator class in the JAXP component of Wildfly enforced the "use-grammar-pool-only" feature. This flaw allows a specially-crafted XML file to manipulate the validation process in certain cases. This iss...
Moderate: Red Hat Security Advisory: gcc-toolset-10-binutils security update
An update for gcc-toolset-10-binutils is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
binutils security update
An update is available for binutils. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The binutils packages provide a collection of binary utilities for the...
Moderate: gcc-toolset-11-binutils security update
The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Security Fixes: Developer environment:...
RLSA-2021:4594 Moderate: gcc-toolset-11-binutils security update
The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Security Fixes: Developer environment:...