The vulnerability of the Site Hierarchy Flows component of the Oracle Site Hub data storage and management system, a part of the Oracle E-Business Suite, allows an attacker to access, modify, add, and delete data.

The vulnerability of the Site Hierarchy Flows component of the Oracle Site Hub data storage and management system, a part of the Oracle E-Business Suite automation system for enterprise activities, is related to authentication errors. Exploiting this vulnerability could allow an attacker to gain...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper handling of pgoff alignment in the device-dax subsystem, which could lead to memory access errors...

Adobe Illustrator < 24.2.0 Multiple Vulnerabilities (APSB20-37) (macOS)

The version of Adobe Illustrator installed on the remote macOS host is prior to 24.2.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB20-37 advisory. - Adobe Illustrator versions 24.1.2 and earlier have a buffer errors vulnerability. Successful exploitation could...

The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to authentication errors, allows a hacker to execute continuous integration and continuous delivery processes on arbitrary branches of the program.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to authentication errors. Exploiting this vulnerability allows a malicious actor to remotely execute continuous integration and continuous delivery processes on arbitrary branches of the...

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to gain full control over the application.

The vulnerability of the Core component of the Oracle VM VirtualBox software lies in authentication errors that occur when operations are performed outside the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain full control over the application...

The vulnerability of software platforms for developing and managing online stores like Magento Open Source, Adobe Commerce, and Adobe Commerce B2B, related to authentication errors, allows attackers to bypass security restrictions.

The vulnerabilities of the software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to authentication errors. Exploiting these vulnerabilities can allow attackers to bypass security restrictions remotely...

The vulnerability of software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in synchronization errors when using shared resources, allowing attackers to circumvent security restrictions.

The vulnerability of software platforms for developing and managing online stores like Magento Open Source, Adobe Commerce, and Adobe Commerce B2B is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow a malicious actor to bypass security...

CVE-2018-25104

A vulnerability was found in CoinGate Plugin up to 1.2.7 on PrestaShop. It has been rated as problematic. Affected by this issue is the function postProcess of the file modules/coingate/controllers/front/callback.php of the component Payment Handler. The manipulation leads to business logic error...

CVE-2018-25104

A vulnerability was found in CoinGate Plugin up to 1.2.7 on PrestaShop. It has been rated as problematic. Affected by this issue is the function postProcess of the file modules/coingate/controllers/front/callback.php of the component Payment Handler. The manipulation leads to business logic error...

CVE-2018-25104

CVE-2018-25104 affects the CoinGate Plugin for PrestaShop (versions up to 1.2.7). The vulnerability lies in the postProcess function of modules/coingate/controllers/front/callback.php, leading to business logic errors. Exploitation is described as possible remotely, with upgrading to version 1.2....

PrestaShop CoinGate Plugin 安全漏洞

PrestaShop CoinGate Plugin is an open source plugin for CoinGate. A security vulnerability exists in PrestaShop CoinGate Plugin 1.2.7 and earlier versions, which stems from the postProcess function in the file modules/coingate/controllers/front/callback.php that can cause business logic errors...

The vulnerability of the Secure Channel component in Windows operating systems, which allows a hacker to perform a spoofing attack

The vulnerability of the Secure Channel component in Windows operating systems is related to errors in the certificate authentication process. Exploiting this vulnerability can allow a malicious actor to perform a spoofing attack remotely...

The vulnerability of the Adobe Animate software for creating multimedia and computer animations, related to pointer assignment errors, allows attackers to execute arbitrary code.

The vulnerability of the Adobe Animate software for creating multimedia and computer animations is related to pointer assignment errors. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

PT-2024-7378 · Microsoft · Edge

Name of the Vulnerable Software and Affected Versions: Microsoft Edge Chromium-based versions up to 129.0.2792.52 Description: A spoofing issue is present in Microsoft Edge, related to errors in user interface information representation. This could allow a remote attacker to conduct spoofing...

ROS-20241017-02

Vulnerability in the "CONNECT", "DISCONNECT", "DISCONNECT", "SUBSCRIBE", "UNSUBSCRIBE" and "PUBLISH" components of the message broker Eclipse Mosquitto is related to segmentation errors. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain access to sensitive...

CVE-2024-20462

A vulnerability in the web-based management interface of Cisco ATA 190 Series Multiplatform Analog Telephone Adapter firmware could allow an authenticated, local attacker with low privileges to view passwords on an affected device. This vulnerability is due to incorrect sanitization of HTML conte...

ROS-20241016-01

Vulnerability of nvmet-tcp component of Linux kernel is related to dereferencing of NULL pointer in the nvmettcpinstallqueue function in drivers/nvme/target/tcp.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in iwldeallocucode function in...

The vulnerability of the Windows operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the Windows operating system’s kernel is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of Microsoft Defender for Endpoint on Linux operating systems, related to errors in processing the relative path to the directory, allows attackers to perform spear-phishing attacks.

The vulnerability of Microsoft Defender for Endpoint on Linux operating systems is related to errors in processing the relative path to the directory. Exploiting this vulnerability can allow attackers to perform spear-phishing attacks...

ROS-20241015-05

Nano text editor vulnerability is related to temporary file handling errors. Exploitation exploitation of the vulnerability could allow an attacker to affect data integrity...