11189 matches found
CVE-2021-36994
There is a issue that trustlist strings being repeatedly inserted into the linked list in Huawei Smartphone due to race conditions. Successful exploitation of this vulnerability can cause exceptions when managing the system trustlist...
CVE-2021-22481
There is a Verification errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2021-22481
There is a Verification errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality...
Spoofing
There is a Verification errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality...
Design/Logic Flaw
A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel System unavailable...
CVE-2021-22456
Technical details about CVE-2021-22456 are not publicly provided in the supplied documents. Monitor for updates from HarmonyOS/Huawei advisories and related CVE pages.
CVE-2021-22481
Technical details about CVE-2021-22481 are not publicly available in the provided documents. Monitor for updates from vendors and security advisories.
CVE-2021-22481
There is a Verification errors vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality...
The vulnerability of the QEMU hardware emulation software, related to pointer swapping errors, allows a hacker to trigger a service failure.
The vulnerability of the QEMU hardware emulation software is related to pointer assignment errors. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
The vulnerability of the VXLAN Operation, Administration, and Maintenance (OAM) function of the Cisco NX-OS operating system allows a attacker to trigger a maintenance failure.
The vulnerability of the VXLAN Operation, Administration, and Maintenance OAM function of the Cisco NX-OS operating system is related to errors in processing input data. Exploiting this vulnerability can allow a malicious actor to trigger maintenance failures remotely...
The vulnerability of the decode_mcu() function in the libjpeg-turbo library allows a attacker to compromise the accessibility of protected information.
The vulnerability of the decodemcu function in the libjpeg-turbo library is related to resource management errors. Exploiting this vulnerability allows a remote attacker to compromise the accessibility of protected information by excessive consumption of processor resources...
CVE-2021-41105
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. When handling SRTP calls, FreeSWITCH prior to version 1.10.7 is susceptible to a DoS where calls can be terminated...
PT-2021-23092 · Unknown +1 · Freeswitch +1
Name of the Vulnerable Software and Affected Versions: FreeSWITCH versions prior to 1.10.7 Description: The issue allows remote attackers to terminate calls by flooding a media port handling SRTP traffic with specially crafted SRTP packets, leading to denial of service. This can be done...
CLSA-2021-1634925634 Fixed 9 CVEs in squid34
CVE-2020-15049: fix incorrect validation of Content-Length field leading to Http smuggling and Poisoning attack - CVE-2020-14058: fix handling of unknown SSL errors which resulted in denial of service - CVE-2020-25097: fix improper input validation allowing HTTP smuggling from trusted client -...
CLSA-2021-1634925600 Fixed CVEs in squid: CVE-2020-15049, CVE-2020-14058
CVE-2020-14058: fix handling of unknown SSL errors which resulted in denial of service - CVE-2020-15049: fix incorrect validation of Content-Length field leading to Http smuggling and Poisoning attack...
Business Logic Errors in simplcommerce/simplcommerce
Description SimplCommerce allows negative product allowing one to get products for free The fix here https://github.com/simplcommerce/SimplCommerce/issues/971 does not work because client-side controls can by bypassed by modifying the POST request Proof of Concept 1: Add one $75 and $25 item in...
The vulnerability of the Synergia operating system, related to errors in access control policies of SELinux, allows a perpetrator to gain read access to system files.
The vulnerability of the Synergia operating system is related to errors in access control policies of SELinux. Exploiting this vulnerability can allow an attacker to gain read access to system files...
The vulnerability of the WordPress website content management system, related to authentication errors, allows a hacker to circumvent existing restrictions.
The vulnerability of the WordPress website content management system is related to authentication errors. Exploiting this vulnerability could allow a malicious actor to bypass existing restrictions...
Why is Cybersecurity Failing Against Ransomware?
Yes, security is hard – no one is ever 100 percent safe from the threats lurking out there. But how is it that time and time again, companies – big companies – are continuing to fall for ransomware attacks? Why aren’t we getting any better at preventing them? Let’s explore the main reasons why,...
Rebalance will fail due to low precision of percentages
Handle cmichel Vulnerability details The AssetManager.rebalance function has a check at the end to ensure that all tokens are deposited again: requiretoken.balanceOfaddressthis == 0, "AssetManager: there are remaining funds in the fund pool"; The idea is that the last market deposits all...