Lucene search

11197 matches found

Code423n4
added 2022/08/27 12:0 a.m. | Views: 7

Division before multiplication can lead to precision errors

Impact: Since we are working with integers, if we divide before multiplying, it can lead to precision errors. In this case, it can lead to an error in the quorum votes calculation in the dynamicQuorumVotes function, allowing a proposal to succeed more easily since quorumVote is...

AI score: 6.8
Exploits: 0
BDU FSTEC
added 2022/08/26 12:0 a.m. | Views: 1

The vulnerability of the XMLRPC API interface of the Movable Type content management system allows attackers to execute arbitrary commands.

The vulnerability of the XMLRPC API interface of the Movable Type content management system is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

CVSS: 10 | AI score: 8.1 | EPSS: 0.05225
Exploits: 0 | References: 4 | Affected Software: 1
OpenVAS
added 2022/08/26 12:0 a.m. | Views: 7

Ubuntu: Security Advisory (USN-124-2)

The remote host is missing an update for the... SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

AI score: 7.5
Exploits: 0 | References: 3
OpenVAS
added 2022/08/26 12:0 a.m. | Views: 15

Ubuntu: Security Advisory (USN-2435-1)

The remote host is missing an update for the... SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVSS: 7.5 | AI score: 7.6 | EPSS: 0.01899
Exploits: 1 | References: 2
RedHat Linux
added 2022/08/24 9:45 p.m. | Views: 3

Mozilla: Address bar spoofing via XSLT error handling

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of an attacker abusing XSLT error handling to associate attacker-controlled content with another origin, which was displayed in the address bar. This issue could be used to fool the user into submitting data...

CVSS: 6.5 | AI score: 7.2 | EPSS: 0.0017
Exploits: 0 | References: 5
RedHat Linux
added 2022/08/24 5:41 p.m. | Views: 3

Mozilla: Address bar spoofing via XSLT error handling

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of an attacker abusing XSLT error handling to associate attacker-controlled content with another origin, which was displayed in the address bar. This issue could be used to fool the user into submitting data...

CVSS: 6.5 | AI score: 7.2 | EPSS: 0.0017
Exploits: 0 | References: 5
BDU FSTEC
added 2022/08/24 12:0 a.m. | Views: 1

The vulnerability of the System Management Mode (SMM) implementation in HP notebook BIOS microprogramming systems allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the System Management Mode (SMM) implementation in HP notebook BIOS microprogramming systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to execute arbitrary code or cause system failures...

CVSS: 7.8 | AI score: 7.5 | EPSS: 0.00128
Exploits: 0 | References: 3 | Affected Software: 49
BDU FSTEC
added 2022/08/24 12:0 a.m. | Views: 1

The vulnerability of the Windows operating system’s kernel, which allows a hacker to disclose protected information

The vulnerability of the Windows operating system’s kernel is related to access control errors. Exploiting this vulnerability can allow an attacker to disclose protected information through a specially created application...

CVSS: 5.5 | AI score: 6.6 | EPSS: 0.00597
Exploits: 0 | References: 2
BDU FSTEC
added 2022/08/24 12:0 a.m. | Views: 1

The vulnerability of the System Management Mode (SMM) implementation in HP notebook BIOS microprogramming systems allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the System Management Mode (SMM) implementation in HP notebook BIOS microprogramming systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to execute arbitrary code or cause system failures...

CVSS: 7.5 | AI score: 7.8 | EPSS: 0.00123
Exploits: 0 | References: 3 | Affected Software: 49
BDU FSTEC
added 2022/08/22 12:0 a.m. | Views: 1

The vulnerability of the gntalloc driver of the Xen hypervisor allows a hacker to cause a service failure.

The vulnerability of the gntalloc driver in Xen hypervisors arises due to synchronization errors when using a shared resource. Exploiting this vulnerability can allow attackers to cause service failures...

CVSS: 7 | AI score: 6.5 | EPSS: 0.00122
Exploits: 0 | References: 35 | Affected Software: 7
BDU FSTEC
added 2022/08/22 12:0 a.m. | Views: 1

The vulnerability of the Azure RTOS GUIX Studio development environment, related to access segmentation faults, allows attackers to disclose protected information.

The vulnerability of the Azure RTOS GUIX Studio development environment is related to access control errors. Exploiting this vulnerability could allow an attacker to disclose sensitive information through a specially created application...

CVSS: 5.5 | AI score: 6.5 | EPSS: 0.01345
Exploits: 0 | References: 2
BDU FSTEC
added 2022/08/22 12:0 a.m. | Views: 1

The vulnerability of the netfront component in the Xen hypervisor allows an attacker to trigger a service failure.

The vulnerability of the netfront component in the Xen hypervisor is related to resource release errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS: 6.5 | AI score: 6.6 | EPSS: 0.00132
Exploits: 0 | References: 18 | Affected Software: 5
BDU FSTEC
added 2022/08/22 12:0 a.m. | Views: 2

The vulnerability of the Kerberos protocol for Windows operating systems allows attackers to increase their privileges.

The vulnerability of the Kerberos protocol for Windows operating systems is related to privilege management errors. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

CVSS: 9 | AI score: 7.4 | EPSS: 0.14966
Exploits: 0 | References: 2
BDU FSTEC
added 2022/08/19 12:0 a.m. | Views: 1

The vulnerability of the driver of the Windows Cloud Files mini-filter on the Windows operating system allows a hacker to escalate their privileges.

The vulnerability of the Windows Cloud Files mini-filter driver in the Windows operating system is related to privilege management errors. Exploiting this vulnerability can allow an attacker to increase their privileges within the system...

CVSS: 7.3 | AI score: 7.3 | EPSS: 0.02018
Exploits: 0 | References: 2
BDU FSTEC
added 2022/08/19 12:0 a.m. | Views: 1

The vulnerability of the generate_loadvar() function in the Vim text editor allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the generate_loadvar() function in the Vim text editor is related to pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

CVSS: 9 | AI score: 6.6 | EPSS: 0.0003
Exploits: 1 | References: 7 | Affected Software: 2
BDU FSTEC
added 2022/08/19 12:0 a.m. | Views: 1

The vulnerability of the BitLocker data protection function of the Microsoft Windows operating system, which allows a hacker to bypass the authentication process

The vulnerability of the BitLocker data protection function in the Microsoft Windows operating system is related to security configuration errors. Exploiting this vulnerability can allow an attacker to bypass the authentication process...

CVSS: 6.6 | AI score: 6.8 | EPSS: 0.00788
Exploits: 0 | References: 3
BDU FSTEC
added 2022/08/18 12:0 a.m. | Views: 1

The vulnerability in the implementation of the SVG <use> element in the Mozilla Firefox browser allows a malicious actor to execute arbitrary JavaScript code.

The vulnerability of the SVG <use> element implementation in Mozilla Firefox is related to security configuration errors. Exploiting this vulnerability could allow a malicious actor to execute arbitrary JavaScript code remotely...

CVSS: 6.4 | AI score: 7.9 | EPSS: 0.00328
Exploits: 0 | References: 4 | Affected Software: 2
BDU FSTEC
added 2022/08/18 12:0 a.m. | Views: 1

The vulnerability of the BI Publisher Security component of the Oracle BI Publisher reporting tool, related to code errors, allows an attacker to gain read access to data.

The vulnerability of the BI Publisher Security component of the Oracle BI Publisher reporting tool is related to errors in the code. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to data through HTTP requests...

CVSS: 4.3 | AI score: 6.1 | EPSS: 0.00209
Exploits: 0 | References: 3 | Affected Software: 1
BDU FSTEC
added 2022/08/18 12:0 a.m. | Views: 1

The vulnerability of the Secure Socket Tunneling Protocol (SSTP) implementation in the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the Secure Socket Tunneling Protocol (SSTP) implementation in the Windows operating system is related to synchronization errors when using a shared resource. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS: 8.1 | AI score: 8 | EPSS: 0.01273
Exploits: 0 | References: 3
BDU FSTEC
added 2022/08/18 12:0 a.m. | Views: 1

The vulnerability of the Secure Socket Tunneling Protocol (SSTP) implementation in the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the Secure Socket Tunneling Protocol (SSTP) implementation in the Windows operating system is related to synchronization errors when using a shared resource. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS: 8.1 | AI score: 8 | EPSS: 0.01176
Exploits: 0 | References: 3