
11190 matches found

BDU FSTEC
added 2022/04/27 12:0 a.m. | 1 views

The vulnerability of the Elcomplus SmartPPT SCADA server, related to input validation errors, allows attackers to write arbitrary files to arbitrary locations within the file system.

The vulnerability of the Elcomplus SmartPPT SCADA server is related to input validation errors. Exploiting this vulnerability allows a malicious actor to write arbitrary files to arbitrary locations in the file system using a specially created HTTP request...

CVSS 10 | EPSS 0.00266
Exploits: 0 | References: 5 | Affected Software: 1
BDU FSTEC
added 2022/04/27 12:0 a.m. | 0 views

The vulnerability of the OCI (Open Container Initiative) Hotdog function, related to access control errors, allows attackers to increase their privileges.

The vulnerability of the OCI (Open Container Initiative) Hotdog function is related to access control errors. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVSS 8.8 | EPSS 0.0004
Exploits: 1 | References: 6 | Affected Software: 1
Code423n4
added 2022/04/27 12:0 a.m. | 13 views

Oracle data feeds are insufficiently validated

Lines of code. Vulnerability details. Impact: If the oracle price feeds are insufficiently validated, there will be pricing errors leading to the mispricing of assets/risk. Proof of Concept: The code does not verify that answeredInRound = roundID for both cases where an oracle is used, and the...

AI score 7.1
Exploits: 0
BDU FSTEC
added 2022/04/27 12:0 a.m. | 0 views

The vulnerability of the libxslt library in the PHP programming language allows attackers to create arbitrary files.

The vulnerability of the libxslt library in the PHP programming language is related to privilege management errors. Exploiting this vulnerability allows a malicious actor to create arbitrary files remotely...

CVSS 6.4 | EPSS 0.0159
Exploits: 2 | References: 22 | Affected Software: 4
BDU FSTEC
added 2022/04/27 12:0 a.m. | 0 views

The vulnerability of the sessions subsystem in the PHP programming language interpreter allows attackers to intercept user sessions.

The vulnerability of the PHP interpreter’s sessions subsystem is related to privilege management errors. Exploiting this vulnerability allows a malicious actor to intercept a user’s session...

CVSS 6.8 | EPSS 0.01178
Exploits: 0 | References: 5 | Affected Software: 3
BDU FSTEC
added 2022/04/27 12:0 a.m. | 0 views

The vulnerability of the phar_parse_tarfile function in the PHP programming language allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the PHP interpreter extension is related to errors in number processing. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure using a specially created tar archive...

CVSS 7.5 | EPSS 0.23918
Exploits: 1 | References: 10 | Affected Software: 4
BDU FSTEC
added 2022/04/27 12:0 a.m. | 0 views

The vulnerability of the timezone function in the PHP programming language interpreter allows attackers to trigger a service failure.

The vulnerability of the PHP language interpreter’s timezone function is related to resource management errors. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

CVSS 5 | EPSS 0.07535
Exploits: 1 | References: 7 | Affected Software: 3
BDU FSTEC
added 2022/04/27 12:0 a.m. | 0 views

The vulnerability of the Advanced Local Procedure Call (ALPC) handler in the Windows operating system allows attackers to escalate their privileges.

The vulnerability of the Advanced Local Procedure Call (ALPC) in the Windows operating system arises due to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to increase their privileges...

CVSS 7 | EPSS 0.00162
Exploits: 0 | References: 3
BDU FSTEC
added 2022/04/27 12:0 a.m. | 0 views

The vulnerability of the Perl programming language interpreter, related to resource release errors, allows attackers to cause service failures.

The vulnerability of the Perl programming language interpreter is related to resource release errors. Exploiting this vulnerability can allow a malicious actor to cause service failures...

CVSS 5.3 | EPSS 0.01296
Exploits: 1 | References: 12 | Affected Software: 2
BDU FSTEC
added 2022/04/27 12:0 a.m. | 0 views

The vulnerability of the OpenSSL interpreter for the PHP programming language allows a hacker to trigger a service failure.

The vulnerability of the OpenSSL interpreter for the PHP programming language is related to resource management errors. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

CVSS 4.3 | EPSS 0.06128
Exploits: 2 | References: 10 | Affected Software: 4
BDU FSTEC
added 2022/04/27 12:0 a.m. | 0 views

The vulnerability of the mt_rand function in the PHP programming language allows attackers to predict the returned values.

The vulnerability of the mt_rand function in the PHP programming language is related to errors in number processing. Exploiting this vulnerability can allow a remote attacker to predict the values that will be returned...

CVSS 5.3 | EPSS 0.00408
Exploits: 1 | References: 5 | Affected Software: 1
BDU FSTEC
added 2022/04/27 12:0 a.m. | 0 views

The vulnerability of the apprentice_load function in the PHP programming language allows a hacker to trigger a service failure or potentially cause other adverse effects.

The vulnerability of the apprentice_load function in the PHP programming language is related to errors in the code. Exploiting this vulnerability may allow an attacker to cause service failures or potentially have other adverse effects...

CVSS 7.5 | EPSS 0.00785
Exploits: 0 | References: 5 | Affected Software: 3
OSV
added 2022/04/25 2:39 p.m. | 4 views

SUSE-RU-2022:1384-1 Recommended update for Salt

This update fixes the following issues: salt: - Clear network interfaces cache on grains request (bsc#1196050) - Handle old qemu-img not supporting -U parameter (bsc#1195221) - Restrict 'state.orchestrate_single' to pass a pillar value if it exists (bsc#1194632) - Fix sparse disk errors on Python 2 virt...

CVSS 8.8 | AI score 8.4 | EPSS 0.0012
Exploits: 0 | References: 9
BDU FSTEC
added 2022/04/25 12:0 a.m. | 1 views

The vulnerability of Adobe Illustrator’s graphic editor, related to pointer naming errors, allows a hacker to trigger a service failure.

The vulnerability of the Adobe Illustrator graphic editor is related to pointer assignment errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 5.5 | AI score 5.9 | EPSS 0.00721
Exploits: 0 | References: 3 | Affected Software: 2
BDU FSTEC
added 2022/04/25 12:0 a.m. | 1 views

The vulnerability of the `php_raw_url_encode` function in the PHP programming language allows attackers to trigger a denial-of-service attack.

The vulnerability of the `php_raw_url_encode` function in the PHP programming language is related to errors in number processing. Exploiting this vulnerability can allow an attacker to cause service failures...

CVSS 7.8 | AI score 7.4 | EPSS 0.06468
Exploits: 1 | References: 19 | Affected Software: 4
BDU FSTEC
added 2022/04/25 12:0 a.m. | 0 views

A vulnerability in the implementation of the DTLS protocol by the OpenSSL library allows a hacker to cause a service failure.

The vulnerability of the DTLS protocol implementation in the OpenSSL library is related to resource management errors. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

CVSS 7.8 | AI score 7.4 | EPSS 0.18101
Exploits: 1 | References: 24 | Affected Software: 5
BDU FSTEC
added 2022/04/25 12:0 a.m. | 0 views

The vulnerability of the phar_parse_tarfile function in the PHP programming language allows a hacker to trigger a service failure.

The vulnerability of the phar_parse_tarfile function (ext/phar/tar.c) in the PHP programming language is related to errors in number processing. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

CVSS 5 | AI score 7.4 | EPSS 0.26929
Exploits: 1 | References: 19 | Affected Software: 4
BDU FSTEC
added 2022/04/25 12:0 a.m. | 0 views

The vulnerability of Perl interpreter modules, related to privilege management errors, allows attackers to execute arbitrary code.

The vulnerability of modules from the @INC directory in the Perl interpreter is related to privilege management errors. Exploiting this vulnerability allows an attacker to execute arbitrary code using a Trojan virus program...

CVSS 7.8 | AI score 7.6 | EPSS 0.00317
Exploits: 0 | References: 17 | Affected Software: 5
BDU FSTEC
added 2022/04/25 12:0 a.m. | 0 views

The vulnerability of the ftp_genlist function in the PHP programming language allows a hacker to execute arbitrary code.

The vulnerability of the ftp_genlist function (ext/ftp/ftp.c) in the PHP programming language is related to errors in number processing. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 7.5 | AI score 7.9 | EPSS 0.12085
Exploits: 1 | References: 19 | Affected Software: 4
BDU FSTEC
added 2022/04/25 12:0 a.m. | 0 views

The vulnerability of the _zip_cdir_new function in the PHP programming language allows an attacker to trigger a service failure or execute arbitrary code.

The vulnerability of the _zip_cdir_new function in the PHP programming language is related to errors in number processing. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary code...

CVSS 7.5 | AI score 7.1 | EPSS 0.4271
Exploits: 1 | References: 22 | Affected Software: 4