90 matches found
Authentication flaw
Dancer::Plugin::SimpleCRUD 1.14 and earlier is affected by: Incorrect Access Control. The impact is: Potential for unauthorised access to data. The component is: Incorrect calls to ensureauth wrapper result in authentication-checking not being applied to all routes...
Advantech WebAccess/SCADA Authorization Issue Vulnerability (CNVD-2019-32480)
Advantech WebAccess/SCADA is a set of SCADA software from Advantech based on browser architecture. The software supports dynamic graphical display and real-time data control, and provides remote control and management of automation equipment. An authorization issue vulnerability exists in Advante...
CVE-2018-0500
Curl_smtp_escape_eob in lib/smtp.c in curl 7.54.1 to and including curl 7.60.0 has a heap-based buffer overflow that might be exploitable by an attacker who can control the data that curl transmits over SMTP with certain settings, i.e., use of a nonstandard --limit-rate argument or CURLOPT_BUFFERSIZE...
The vulnerability of HMI/SCADA systems like InTouch Machine Edition and InduSoft Web Studio arises from buffer overflows in the stack. This allows attackers to escalate their privileges and execute arbitrary code.
The vulnerability of HMI/SCADA systems such as InTouch Machine Edition and InduSoft Web Studio arises due to buffer overflows in the stack. Exploiting this vulnerability allows a malicious actor to gain elevated privileges and execute arbitrary code...
Oracle Java SE Remote Vulnerability (CNVD-2017-24330)
Oracle Java SE is the standard edition of the Java platform from the US company Oracle, used to develop and deploy Java applications on desktops, servers, embedded devices and real-time environments. A security vulnerability exists in the Deployment subcomponent o...
Finding and exploiting ntpd vulnerabilities - vulnerability warning - the black bar safety net
0x01 Description: A few months ago, I decided to start fuzzing. I chose ntpd, the reference implementation of the Network Time Protocol (NTP), as my first target, because I have some background knowledge of NTP, while this protocol seems very simple, can be...
CentOS Update for 389-ds-base CESA-2013:0628 centos6
The remote host is missing an update for the...
RedHat Update for 389-ds-base RHSA-2013:0628-01
The remote host is missing an update for the...
Oblog 4.5-4.6 access&mssql getshell 0day-vulnerability warning-the black bar safety net
Impact range: 4.5 - 4.6. Vulnerability requirements: IIS6.0\open membership. Discovered by: henry. Absolutely original; the technical content is not high, but the impact is relatively wide.. Vulnerability file: AjaxServer.asp 3 of 7 2 rows logfilename = TrimRequest"filename"//not filter...
CVE-2002-1214
Buffer overflow in Microsoft PPTP Service on Windows XP and Windows 2000 allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via a certain PPTP packet with malformed control data...