Microsoft Edge’s vulnerability, related to synchronization errors when using a shared resource, allows attackers to escalate their privileges.

The vulnerability of Microsoft Edge relates to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to increase their privileges remotely...

The vulnerability of the Kerberos protocol for Windows operating systems allows attackers to increase their privileges.

The vulnerability of the Kerberos protocol for Windows operating systems is related to privilege management errors. Exploiting this vulnerability can allow a attacker to enhance their privileges...

The vulnerability of the DNS Server component of the Windows operating system, related to synchronization errors when using a shared resource (“Race Situation”), allows a perpetrator to execute arbitrary code.

The vulnerability of the DNS Server component of the Windows operating system is related to synchronization errors when using a shared resource “Race Situation”. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

Upgraded Q -> M from 135 [1654503723748]

Judge has assessed an item in Issue 135 as Medium risk. The relevant finding follows: --- The text was updated successfully, but these errors were encountered: All reactions...

Google Android 资源管理错误漏洞

Google Android is a Linux-based open source operating system from Google, Inc. Google Android is vulnerable to resource management errors, which can be exploited by attackers to cause a local privilege escalation that requires system execution privileges...

The vulnerability of the DNS Server component of the Windows operating system, related to synchronization errors when using a shared resource (“Race Situation”), allows a perpetrator to execute arbitrary code.

The vulnerability of the DNS Server component of the Windows operating system is related to synchronization errors when using a shared resource “Race Situation”. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

Dev error stack trace leaking into prod in Play Framework

Impact Play Framework, when run in dev mode, shows verbose errors for easy debugging, including an exception stack trace. Play does this by configuring its DefaultHttpErrorHandler to do so based on the application mode. In its Scala API Play also provides a static object DefaultHttpErrorHandler...

Validation Bypass

bottle is vulnerable to validation bypass. The library mishandles errors in handle function during early request binding, allowing an attacker to compromise the target system...

Denial of service in bottle

Bottle before 0.12.20 mishandles errors during early request binding...

The vulnerability of the Windows operating system arises from synchronization errors when using a shared resource, allowing a perpetrator to execute arbitrary code.

The vulnerability of the Windows operating system arises due to synchronization errors when using a shared resource. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Windows operating system arises from synchronization errors when using a shared resource, allowing a perpetrator to execute arbitrary code.

The vulnerability of the Windows operating system arises due to synchronization errors when using a shared resource. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Kerberos protocol for Windows operating systems allows attackers to increase their privileges.

The vulnerability of the Kerberos protocol for Windows operating systems is related to privilege management errors. Exploiting this vulnerability can allow a attacker to enhance their privileges...

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition, Microsoft SharePoint Enterprise Server, and Microsoft SharePoint Foundation relates to information representation errors in the user interface, allowing attackers to perform spoofing attacks.

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition, Microsoft SharePoint Enterprise Server, and Microsoft SharePoint Foundation relates to information display errors in the user interface. Exploiting this vulnerability allows a malicious actor to...

CVE-2022-31023 Dev error stack trace leaking into prod in Play Framework

Play Framework is a web framework for Java and Scala. Verions prior to 2.8.16 are vulnerable to generation of error messages containing sensitive information. Play Framework, when run in dev mode, shows verbose errors for easy debugging, including an exception stack trace. Play does this by...

CVE-2022-31799

Bottle before 0.12.20 mishandles errors during early request binding...

DEBIAN-CVE-2022-31799

Bottle before 0.12.20 mishandles errors during early request binding...

OESA-2022-1691 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: Non-transparent sharing of branch predictor within a context in some IntelR Processors may allow an authorized user to potentially enable information disclosure via local access.CVE-2022-0002 In the Linux kernel before 5.17.3,...

The vulnerability of the CLI component of the Cisco IOS XE operating system for Cisco Catalyst 9000 Series network devices allows a perpetrator to escalate their privileges or execute arbitrary commands.

The vulnerability of the CLI component of the Cisco IOS XE operating system for Cisco Catalyst 9000 Series network devices is related to privilege assignment errors. Exploiting this vulnerability can allow an attacker to enhance their privileges or execute arbitrary commands...

PT-2022-2789 · Microsoft · Edge

Name of the Vulnerable Software and Affected Versions: Microsoft Edge Chromium-based Description: The issue is related to synchronization errors when using a shared resource, allowing a remote attacker to potentially elevate their privileges. Recommendations: At the moment, there is no informatio...

The vulnerabilities of OPC UA data transfer specification implementations in industrial networks, related to pointer dereferencing errors, allow attackers to trigger service failures.

The vulnerability of OPC UA data transmission implementations in industrial networks is related to pointer dereferencing errors. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...