PT-2022-28217 · Unknown · Adhocore/Json-Comment +1

Name of the Vulnerable Software and Affected Versions: PocketMine-MP affected versions not specified Description: The issue arises from the pocketmineentitySkin component not handling errors correctly when parsing skin geometry data. Specifically, it expects false to be returned in case of an...

The vulnerability of the Secure Socket Tunneling Protocol (SSTP) implementation in the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the Secure Socket Tunneling Protocol SSTP implementation in the Windows operating system is related to synchronization errors when using a shared resource. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the monitoring tool for VMware vRealize Operations, related to authentication errors, allows a perpetrator to create a user with administrative privileges.

The vulnerability of the monitoring tool for VMware vRealize Operations is related to authentication errors. Exploiting this vulnerability could allow a malicious actor to create a user with administrative privileges...

The vulnerability of the HPE OneView IT infrastructure management system, related to authentication errors, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the HPE OneView IT infrastructure management system is related to authentication errors. Exploiting this vulnerability may allow an attacker to gain unauthorized access to protected information...

The vulnerability of the TeamPass password manager, related to security configuration errors, allows a hacker to execute arbitrary PHP code.

The vulnerability of the TeamPass password manager is related to security configuration errors. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary PHP code...

The vulnerability of the TeamPass password manager, related to security configuration errors, allows a hacker to access information from the database.

The vulnerability of the TeamPass password manager is related to security configuration errors. Exploiting this vulnerability could allow a malicious actor, operating remotely, to obtain information from the database...

The vulnerability of the xenbus component of the Xen hypervisor allows a attacker to cause a service failure.

The vulnerability of the xenbus component of the Xen hypervisor arises due to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the netfront component in the Xen hypervisor allows a attacker to trigger a service failure.

The vulnerability of the netfront component in Xen hypervisors arises due to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to cause a service failure...

OPENSUSE-SU-2022:10088-1 Security update for opera

This update for opera fixes the following issues: Opera was updated to 89.0.4447.71 - CHR-8957 Update chromium on desktop-stable-103-4447 to 103.0.5060.134 - DNA-100492 authPrivate.storeCredentials should work with running auth session - DNA-100649 “Sign out” from settings doesn’t also sign out...

OPENSUSE-SU-2022:10087-1 Security update for opera

This update for opera fixes the following issues: opera was updated to 89.0.4447.71 - CHR-8957 Update chromium on desktop-stable-103-4447 to 103.0.5060.134 - DNA-100492 authPrivate.storeCredentials should work with running auth session - DNA-100649 “Sign out” from settings doesn’t also sign out...

The vulnerability of the Modbus TCP protocol implementation in microprogrammed software for programmable logic controllers from Schneider Electric, such as Modicon M340, M580, MC80, Modicon Momentum MDI, Legacy Modicon Quantum, allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Modbus TCP protocol implementation in microprogrammed logic controllers from Schneider Electric, such as Modicon M340, M580, MC80, Modicon Momentum MDI, and Legacy Modicon Quantum, is related to errors in information processing. Exploiting this vulnerability can allow an...

GLSA-202208-29 : Nokogiri: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202208-29 Nokogiri: Multiple Vulnerabilities - Nokogiri is a Rubygem providing HTML, XML, SAX, and Reader parsers with XPath and CSS selector support. In Nokogiri before version 1.11.0.rc4 there is an XXE vulnerability. XML Schema...

Upgraded Q -> H from 210 [1660349369322]

Judge has assessed an item in Issue 210 as High risk. The relevant finding follows: --- The text was updated successfully, but these errors were encountered: All reactions...

Upgraded Q -> H from 54 [1660349227136]

Judge has assessed an item in Issue 54 as High risk. The relevant finding follows: --- The text was updated successfully, but these errors were encountered: All reactions...

The vulnerability of the Computational Fluid Dynamics Simcenter STAR-CCM+ software for simulation applications is related to errors in information processing. This vulnerability allows attackers to gain unauthorized access to protected information about the host and the names of users being displayed by the software.

The vulnerability of the Computational Fluid Dynamics Simulation software, Simcenter STAR-CCM+, is related to errors in information processing. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information about the host and the identities of the...

The vulnerability of the Secure Socket Tunneling Protocol (SSTP) implementation in the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the Secure Socket Tunneling Protocol SSTP implementation in the Windows operating system is related to synchronization errors when using a shared resource. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code...

The vulnerability of Microsoft Windows Defender, a security software for Windows operating systems, allows a hacker to bypass the Kerberos authentication process.

The vulnerability of Microsoft Windows Defender operating system is related to security configuration errors. Exploiting this vulnerability can allow a hacker to bypass the Kerberos authentication process...

The vulnerability of the Linux operating system’s kernel memory management subsystem, which allows attackers to increase their privileges

The vulnerability of the Linux operating system’s kernel memory management subsystem is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the Windows Hyper-V hardware virtualization system allows a perpetrator to execute arbitrary code or gain unauthorized access to the device.

The vulnerability of the Windows Hyper-V hardware virtualization system arises due to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to execute arbitrary code or gain unauthorized access to the device...

The vulnerability of Microsoft Excel editors, related to security configuration errors, allows attackers to circumvent existing security restrictions.

The vulnerability of Microsoft Excel editors is related to security configuration errors. Exploiting this vulnerability can allow attackers to circumvent existing security restrictions...