6027 matches found
PT-2022-15501 · Sap · Sap S/4Hana
Name of the Vulnerable Software and Affected Versions: SAP S/4HANA versions 100 through 106 Description: The issue concerns the F0743 Create Single Payment application, which fails to check uploaded or downloaded files. This oversight allows an attacker with basic user rights to execute arbitrary...
Modex code issue vulnerability
Modex is a model extractor. It is used to mechanically extract verification models from implementation-level C code. A security vulnerability exists in Modex, which stems from the fact that Modex v2.11 was found to contain a NULL pointer dereference in setcreateid of xtract.c. The vulnerability i...
The vulnerability of the onCreatePermissionRequest function in SettingsSliceProvider.java in the Android operating system, which allows a hacker to escalate their privileges.
The vulnerability of the onCreatePermissionRequest function in SettingsSliceProvider.java in the Android operating system is related to insecure management of permissions. Exploiting this vulnerability could allow a malicious actor to enhance their privileges...
Business Logic Errors
dolibarr/dolibarr is vulnerable to business logic errors. An attacker can exploit this flaw by providing a negative price amount to the create function in don.class.php, because it does not properly check user input for negative price amounts...
CVE-2021-43951
Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated remote attackers to view object import configuration details via an Information Disclosure vulnerability in the Create Object type mapping feature. The affected versions are before version 4.21.0...
CVE-2021-46075
A Privilege Escalation vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. Staff account users can access the admin resources and perform CRUD Operations...
xorg-x11-server: SwapCreateRegister out-of-bounds access
A flaw was found in xorg-x11-server where an out-of-bounds access can occur in the SwapCreateRegister function...
PT-2025-8403
Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified Description: An issue in the Linux kernel has been identified, specifically in the btrfs module. The problem occurs when certain functions, such as btrfs qgroup inherit, btrfs alloc tree block, or btr...
Rust rusqlite crate resource management error vulnerability
Rust rusqlite crate is an ergonomic wrapper for using SQLite from Rust. It attempts to expose a rust-postgres-like interface. Versions 0.25.x prior to 0.25.4 and 0.26.x prior to 0.26.2 of Rust rusqlite crate are vulnerable to a security vulnerability, which stems from a resource management error in...
DEBIAN-CVE-2021-45480
An issue was discovered in the Linux kernel before 5.15.11. There is a memory leak in the rdsconncreate function in net/rds/connection.c in a certain combination of circumstances...
Keycloak: Incorrect authorization allows unprivileged users to create other users
A flaw was found in Keycloak version from 12.0.0 and before 15.1.1 which allows an attacker with any existing user account to create new default user accounts via the administrative REST API even when new user registration is disabled...
CVE-2021-4011
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
DEBIAN-CVE-2021-4011
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
OSV-2021-1704 Stack-buffer-overflow in pdfi_create_iccbased
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42460 Crash type: Stack-buffer-overflow WRITE 4 Crash state: pdficreateiccbased pdficreatecolorspacebyarray pdfisetcolorspace...
Red Hat Keycloak access control error vulnerability
A security vulnerability exists in Red Hat Keycloak, a suite of software from Red Hat that provides authentication and management capabilities for modern applications and services. Keycloak has a security flaw that stems from incorrect authorization of Keycloak allowing unprivileged users to crea...
UBUNTU-CVE-2021-4011
A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...