The vulnerability of the OpenDMARC authentication implementation, related to pointer assignment errors, allows a perpetrator to trigger a service denial.

The vulnerability of the OpenDMARC authentication implementation is related to pointer assignment errors. Exploiting this vulnerability could allow a malicious actor to trigger a service failure remotely...

Squid 信任管理问题漏洞

Squid is a suite of proxy server and web caching server software. The software provides features such as caching the World Wide Web, filtering traffic, and proxying the Internet. Squid suffers from a trust management issue vulnerability that stems from incorrect certificate validation. An attacke...

CVE-2021-3709

Function checkattachmentforerrors in file data/general-hooks/ubuntu.py could be tricked into exposing private data via a constructed crash file. This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to...

CVE-2021-3709 Apport file permission bypass through emacs byte compilation errors

Function checkattachmentforerrors in file data/general-hooks/ubuntu.py could be tricked into exposing private data via a constructed crash file. This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to...

sgxwallet buffer overflow vulnerability

Sgxwallet is an open source high-performance hardware-secure cryptographic wallet based on Intel Sgx technology. SKALE sgxwallet suffers from a buffer overflow vulnerability that can be exploited by attackers to cause segment errors and compromised security zones...

Rounding errors will occur for tokens without decimals

Handle tensors Vulnerability details Some rare tokens have 0 decimals: For these tokens, small losses of precision will be amplified by the lack of decimals. Consider a constant product pool with 1000 of token0 with no decimals, and 1000 of token1 also with no decimals. Suppose I swap n= 1,2,3,4 ...

The vulnerability of the component of the Blink module for browsers Google Chrome and Microsoft Edge allows a hacker to execute arbitrary code.

The vulnerability of the Blink module component of Google Chrome and Microsoft Edge browsers is related to data type conversion errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created web page...

Nagios XI 安全漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI, which arises from a user inputting constructed commands, dat...

Nagios XI 安全漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI, which arises from a user inputting constructed commands, dat...

PT-2021-5851 · NetGear · Ex3800 +20

Name of the Vulnerable Software and Affected Versions: NETGEAR D7000v2 versions prior to 1.0.0.62 NETGEAR D8500 versions prior to 1.0.3.50 NETGEAR EX3700 versions prior to 1.0.0.84 NETGEAR EX3800 versions prior to 1.0.0.84 NETGEAR EX6120 versions prior to 1.0.0.54 NETGEAR EX6130 versions prior to...

CVE-2021-20377

IBM Security Guardium 11.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 195569...

Trane Tracer SC 安全漏洞

Trane Tracer SC is an intelligent field panel from Trane Australia that communicates with unit controllers LON or BACnet to provide independent control of HVAC equipment. A security vulnerability exists in the Trane Tracer SC that arises from a lack of proper validation of user input data by a...

Netflix errors – How to fix them

By Owais Sultan Netflix errors are a bane of existence for many Netflix users - Let's dig it and see how one can fix this error. This is a post from HackRead.com Read the original post: Netflix errors - How to fix them...

CLSA-2021-1632262221 Fix of CVE: CVE-2020-8517, CVE-2021-28651, CVE-2020-15049, CVE-2020-8449, CVE-2020-8450, CVE-2020-24606, CVE-2020-25097, CVE-2020-11945, CVE-2020-14058

CVE-2020-15049: fix incorrect validation of Content-Length field leading to Http smuggling and Poisoning attack - CVE-2020-14058: fix handling of unknown SSL errors which resulted in denial of service - CVE-2020-25097: fix improper input validation allowing HTTP smuggling from trusted client -...

The vulnerability of the ucompthread function in the stream.c component of the Lrzip compression program, related to pointer arithmetic errors, allows a malicious actor to cause a service failure.

The vulnerability of the ucompthread function in the stream.c component of the Lrzip compression program is related to pointer arithmetic errors. Exploiting this vulnerability could allow a remote attacker to cause a service failure through the use of a specially created compressed file...

The vulnerability of the Git-based software platform for collaborative code development on GitLab relates to errors in the certificate validation process, which allows attackers to compromise data integrity.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to errors in the certificate validation process. Exploiting this vulnerability allows a malicious actor to compromise the integrity of data...

Citrix Provisioning Services - vDisk Version Promotion Results In Failed Boot

After a vDisk version promotion Target Devices cannot successfully boot from the version. The Target might BSOD or hang at the UEFI splash screen. The vDisk version promotion prior to attempting to boot a device may appear to take a long time or cause a console error. The Provisioning servers fro...

The vulnerability of the avahi_s_host_name_resolver_start function in the Avahi service discovery system in local networks allows a attacker to trigger a service failure. This vulnerability is related to pointer arithmetic errors.

The vulnerability of the avahishostnameresolverstart function in the Avahi service discovery system in local networks is related to pointer arithmetic errors. Exploiting this vulnerability can allow attackers to cause service failures...

The vulnerability of the anonymous web browser Tor, related to authentication errors, allows a hacker to trigger a service denial.

The vulnerability of the anonymous web browser Tor is related to authentication errors. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service interruptions...

The vulnerability of the Nextcloud desktop synchronization tool’s client relates to authentication process errors, which allow attackers to compromise data integrity.

The vulnerability of the Nextcloud desktop synchronization tool’s client lies in the lack of SSL certificate verification when using the “Register with a Provider” protocol. Exploiting this vulnerability allows an attacker to compromise data integrity remotely...