5 matches found
The vulnerability of the createRegister method implementation in Apache OFBiz’s enterprise resource planning software allows a hacker to gain unauthorized access to protected information.
The vulnerability of the createRegister method in Apache OFBiz’s enterprise resource planning software lies in the leakage of information in error messages. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...
Apache OFBiz createRegister Error Message Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apache OFBiz. Authentication is not required to exploit this vulnerability. The specific flaw exists within the createRegister method. The issue results from outputting an error message that...
MGASA-2020-0350 Updated x11-server packages fix security vulnerabilities
The handler for the XkbSetNames request does not validate the request length before accessing its contents CVE-2020-14345. An integer underflow exists in the handler for the XIChangeHierarchy request CVE-2020-14346. An integer underflow exist in the handler for the XkbSelectEvents request...
FreeBSD : xorg-server -- Multiple input validation failures in X server extensions (ffa15b3b-e6f6-11ea-8cbf-54e1ad3d6335)
The X.org project reports : All theses issuses can lead to local privileges elevation on systems where the X server is running privileged. The handler for the XkbSetNames request does not validate the request length before accessing its contents. An integer underflow exists in the handler for the...
xorg-server -- Multiple input validation failures in X server extensions
The X.org project reports: All theses issuses can lead to local privileges elevation on systems where the X server is running privileged. The handler for the XkbSetNames request does not validate the request length before accessing its contents. An integer underflow exists in the handler for the...