CVE-2022-35299
SAP SQL Anywhere - version 17.0, and SAP IQ - version 16.1, allows an attacker to leverage logical errors in memory management to cause a memory corruption, such as Stack-based buffer overflow...
The vulnerability of the Special:ChangeContentModel function in the software for implementing a hypertext environment like MediaWiki allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the Special:ChangeContentModel function in the MediaWiki software, which is used to implement the hypertext environment, is related to security configuration errors. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and...
PT-2022-5319 · Microsoft · Office
Name of the Vulnerable Software and Affected Versions: Microsoft Office (affected versions not specified). Description: The issue is related to errors in the representation of information by the user interface in Microsoft Office packages. Exploitation of this issue may allow a remote attacker to...
PT-2022-5245 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified). Description: The issue is related to an elevation-of-privilege vulnerability in the Windows WLAN Service, which is caused by errors in privilege management. This vulnerability can be exploited by an...
PT-2022-5302 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified). Description: The issue is caused by synchronization errors when using a shared resource in the implementation of the Point-to-Point Tunneling Protocol (PPTP) in Windows. This allows a remote attacker to...
PT-2022-5428 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified). Description: The issue is caused by synchronization errors when using a shared resource in the Windows Storage Services. Exploitation of this issue may allow an attacker to gain unauthorized access and...
The vulnerability of the Vim text editor, related to pointer naming errors, allows a hacker to trigger a service failure.
The vulnerability of the Vim text editor is related to errors in pointer manipulation when processing the eval1 frame root/vim/src/vim. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the SupportAssist component in the network operating system SmartFabric OS10 allows a perpetrator to gain access to protected information by carrying out “man-in-the-middle” attacks.
The vulnerability of the SupportAssist component in the SmartFabric OS10 network operating system is related to errors in the certificate validation process. Exploiting this vulnerability can allow an attacker to gain access to protected information by conducting “man-in-the-middle” attacks using...
MGASA-2022-0362 Updated php packages fix security vulnerability
Core: Fixed bug GH-9323 (Crash in ZEND_RETURN/GC/zend_call_function). Fixed bug GH-9361 (Segmentation fault on script exit #9379). Fixed bug GH-9407 (LSP error in eval'd code refers to wrong class for static type). Fixed bug #81727: Don't mangle HTTP variable names that clash with ones that have a specific...
The vulnerability of the mod_wstunnel module in the lighttpd web server allows a hacker to cause a service failure.
The vulnerability of the mod_wstunnel module in the lighttpd web server is related to pointer dereferencing errors. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
The vulnerability of the Node.js software platform, related to errors in the implementation of authentication procedures, allows attackers to disclose sensitive information that should be protected.
The vulnerability of the Node.js software platform is related to errors in the implementation of authentication procedures. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information that is protected by the system...
USN-5659-1 kitty vulnerabilities
Stephane Chauveau discovered that kitty incorrectly handled image filenames with special characters in error messages. A remote attacker could possibly use this to execute arbitrary commands. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-35605) Carter Sande discovered that kitty incorrectly...
undertow: Large AJP request may cause DoS
A flaw was found in Undertow. AJP requests to the server may allow an attacker to send a malicious request and trigger server errors, resulting in a denial of service...
Weblate: No rate limiting for Remove Account lead to huge Mass mailings
Name of the vulnerability: No rate limiting for Remove Account lead to huge Mass mailings. Hello Team, I am a security researcher and I found this vulnerability in your website. Business Logic Errors https://hosted.weblate.org Description: No Rate Limit is a type of computer security vulnerability...
The vulnerability of the Microsoft Visual Studio software, related to errors in processing input data, allows a hacker to execute arbitrary code.
The vulnerability of the Microsoft Visual Studio software relates to errors in processing input data. Exploiting this vulnerability can allow a malicious actor to execute arbitrary code by running the malicious file with the user’s permission...
The vulnerability of Microsoft Edge browser on Windows operating systems, related to synchronization errors when using a shared resource, allows attackers to perform spear-phishing attacks.
The vulnerability of Microsoft Edge browser on Windows operating systems is related to synchronization errors when using a shared resource. Exploiting this vulnerability allows a remote attacker to perform spear-phishing attacks...
The vulnerability of the MIFF component of the cross-platform library for working with GraphicsMagick allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the MIFF component in the cross-platform library for working with GraphicsMagick is related to authentication errors. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and accessibility of the protected information...
Vulnerabilities in web browsers Firefox, Firefox ESR, and the email client Thunderbird, related to resource management errors, allow attackers to compromise the confidentiality and integrity of protected information.
The vulnerability in web browsers Firefox, Firefox ESR, and the email client Thunderbird is related to resource management errors. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality and integrity of information that is loaded from subresources...